Dahua has decided not to provide details they have about how hackers are exploiting their products. They explained:
A public statement about what technology is in place and which models have certain security features would serve as a beacon to hackers to attempt to infiltrate older-model Dahua products. We do not wish to put our customers at risk to such hackers.
Instead, Dahua's communication focuses on Dahua models running firmware releases prior to January 2015. Because of Dahua's fractured distribution / OEM model and historically poor firmware upgrade offering, many devices purchased after January 2015 are at risk.
In this note, we examine why telnet is critical to the Dahua hacks and what you should do about it.