The buffer overflow vulnerability in Dahua products is not in dispute, in fact we covered it when it was first published.
What is in dispute is how significant the vulnerability is, and the risks posed to users with unpatched devices.
This was recently showcased in a Forbes article, calling it bluntly 'the next web crisis', including a video demonstration of an 'Ocean's Eleven' Dahua hack:
IPVM has researched this, talking with Dahua, Forbes and the cybersecurity research firm who found this vulnerability, finding conflicting claims. Inside this report, we examine the vulnerability, the claims being made by each party and what this means for both Dahua and cyber security reporting.