CVE-2025-31703
Authentication Bypass in Dahua NVR/XVR Serial Port Shell
Publication date: 2026-03-18
Last updated on: 2026-03-18
Assigner: Dahua Technologies
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dahua | nvr2-4ks3 | to 2026-03-03 (exc) |
| dahua | xvr4232an-i | to 2026-03-03 (exc) |
| dahua | xvr1b16h-i | to 2026-03-03 (exc) |
| dahua | dh_nvr2x-4ks3_multilang_v4.005.0000000.6.r.260304 | to 2026-03-03 (exc) |
| dahua | dh_xvr4x32-it_multilang_v4.004.0000001.1.r.260304 | to 2026-03-03 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-305 | The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2025-31703 is a vulnerability found in Dahua NVR/XVR devices that allows a third-party attacker with physical access to the device to gain access to a restricted shell via the serial port.'}, {'type': 'paragraph', 'content': "The attacker can bypass the shell's authentication mechanism and escalate privileges on the device."}, {'type': 'paragraph', 'content': 'This vulnerability affects specific Dahua models and software versions built prior to March 3, 2026.'}] [1]
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': 'An attacker with physical access to the affected Dahua device can exploit this vulnerability to gain unauthorized access to a restricted shell.'}, {'type': 'paragraph', 'content': "This access allows the attacker to bypass authentication and escalate privileges, potentially compromising the device's confidentiality and integrity."}, {'type': 'paragraph', 'content': 'Although the CVSS score indicates low impact on confidentiality and integrity and no impact on availability, unauthorized access could still lead to misuse or manipulation of the device.'}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by verifying the firmware build time of the Dahua NVR/XVR device. Devices with firmware built prior to March 3, 2026, are vulnerable.'}, {'type': 'paragraph', 'content': 'You can check the firmware build time via the deviceβs web interface by navigating to Settings β System Information β Version Information.'}, {'type': 'paragraph', 'content': "Since the vulnerability requires physical access to the device's serial port, network-based detection commands are not applicable."}] [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately update the device firmware to the latest version available from Dahua, ensuring the build date is on or after March 3, 2026.
If your device supports cloud upgrades, use that method for updating. Otherwise, download the latest firmware directly from Dahuaβs official download center or contact local technical support.
Additionally, restrict physical access to the device to prevent attackers from accessing the serial port.