A newly discovered Dahua backdoor is described by the researcher discovering it as:
not the result of an accidental logic error or poor programming practice, but rather an intentional backdoor placed into the product by the vendor
This comes after other recent cyber security issues involving Dahua, including:
A group of ex-NSA researchers found these hard-coded credentials in Dahua products. The finding was picked up by The Washington Post and Fortune, but those publications failed to analyze the true extent of Dahua's most recent vulnerability.
IPVM spoke with Terry Dunlap [link no longer available], the CEO of ReFirm, the research company that discovered the vulnerability, as well as representatives from Dahua, to analyze its potential for impact. Will it be the next Mirai? Details are in this note.