Less than 3 months ago, Dahua received DHS ICS-CERT's worst score of 10.0 for their backdoor.
Now, Dahua has received another 10.0 score for a new vulnerability. Despite that, Dahua has remained silent.
In this note, we examine the vulnerability, Dahua's poor handling of this, compared to competitors Axis and Hikvision, and the potential impact to Dahua.
[Update: After the publication of our report, Dahua has finally acknowledged the vulnerability]