Dahua ICC Intelligent IOT Comprehensive Management Platform Remote Code Execution Scanner
Detects 'Remote Code Execution (RCE)' vulnerability in Dahua ICC Intelligent IOT Comprehensive Management Platform.
Short Info
Level
Single Scan
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 5 days 21 hours
Scan only one: Domain, Subdomain, IPv4
The Dahua ICC Intelligent IoT Comprehensive Management Platform is IoT management software developed specifically for Dahua Corporation and is widely used for the unified management of multiple intelligent devices and systems. The platform lets users monitor device status in real time and supports intelligent functions such as device management, monitoring and alerting, and data analysis, which a variety of industries use to improve efficiency and convenience. Its intelligent functions support a wide range of applications and controls to meet various business needs.
The platform is affected by a deserialization vulnerability present in the fastjson library, which could lead to Remote Code Execution (RCE), allowing an attacker to execute arbitrary code on the system. The vulnerability may be exploited without user input or validation, which makes it extremely risky and a serious threat to the system. An attacker could obtain improper privileges by constructing malicious JSON input that triggers the vulnerability.
Technical details indicate that the vulnerability exists in the platform's parsing of specific JSON payloads, allowing untrusted data to be executed. The attack is marked by POST requests to the /evo-runs/v1.0/auths/sysusers/random endpoint with a specific content type. The deserialization vulnerability was successfully triggered in combination with a specific object type in Alibaba fastjson.
Once the vulnerability is exploited, an attacker is able to take full control of the target device by executing arbitrary code on the affected system. This could lead to information leakage, service interruption, or even compromise of the stability and security of the entire device network. Systems affected by the vulnerability face significant risk of business interruption and data leakage.
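
For asset owners reviewing their own traffic, the following added example (not part of the scanner or of Dahua's software) triages logged requests to the endpoint named above and flags bodies that carry a fastjson type hint. The record layout, the sample data and the "@type" key are assumptions: the key comes from general fastjson knowledge rather than from this page, and the content type is not checked because the page does not name it.

```python
import json
from urllib.parse import urlsplit, unquote

# Endpoint named on this page; everything else below is constructed for the example.
ENDPOINT = "/evo-runs/v1.0/auths/sysusers/random"
TYPE_KEY = "@type"  # fastjson type-hint key (assumption: general knowledge, not from the page)

def has_type_key(node):
    """True if any object at any depth of the parsed JSON carries the type-hint key."""
    if isinstance(node, dict):
        return TYPE_KEY in node or any(has_type_key(v) for v in node.values())
    if isinstance(node, list):
        return any(has_type_key(v) for v in node)
    return False

def classify(req):
    """Return a finding label for one logged request, or None if it is out of scope."""
    path = unquote(urlsplit(req["url"]).path).rstrip("/")
    if req["method"].upper() != "POST" or path != ENDPOINT:
        return None
    try:
        # Parse instead of substring-matching so nested keys are still seen.
        parsed = json.loads(req["body"])
    except (ValueError, TypeError):
        # fastjson accepts input a strict parser rejects, so escalate rather than skip.
        return "unparseable-body"
    return "type-hint-in-body" if has_type_key(parsed) else "endpoint-hit"

# Constructed sample records, shaped like proxy/WAF logs that capture request bodies.
SAMPLE = [
    {"method": "GET", "url": "/login", "body": ""},
    {"method": "POST", "url": "/evo-runs/v1.0/auths/sysusers/random", "body": '{"user": "ops"}'},
    {"method": "POST", "url": "/evo-runs/v1.0/auths/sysusers/random?x=1",
     "body": '{"a": [{"@type": "example.Placeholder"}]}'},
    {"method": "post", "url": "/evo-runs/v1.0/auths/sysusers/random/", "body": "{'a': 1}"},
]

def triage(records):
    """Keep only in-scope requests, paired with their finding label."""
    return [(r["url"], label) for r in records if (label := classify(r))]

if __name__ == "__main__":
    for url, label in triage(SAMPLE):
        print(label, url)
```

Any "type-hint-in-body" or "unparseable-body" result on this endpoint warrants a closer look at the host and at the fastjson version it ships.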