{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74023?format=json","vulnerability_id":"VCID-82pp-zyaw-wfea","summary":"A vulnerability has been found in some Dahua products. An attacker\nmay obtain the device’s CA root certificate. If that CA is installed and\ntrusted on client systems, the attacker could issue fraudulent certificates\ntrusted by those clients and undermine the certificate trust chain.","aliases":[{"alias":"CVE-2026-29114"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://www.dahuasecurity.com/about-dahua/trust-center/dahua-psirt/dhcc-sa-202606-001:-security-advisory-%E2%80%93-vulnerabilities-found-in-some-dahua-products","reference_id":"dhcc-sa-202606-001:-security-advisory-%E2%80%93-vulnerabilities-found-in-some-dahua-products","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-10T14:55:17Z/"}],"url":"https://www.dahuasecurity.com/about-dahua/trust-center/dahua-psirt/dhcc-sa-202606-001:-security-advisory-%E2%80%93-vulnerabilities-found-in-some-dahua-products"}],"weaknesses":[{"cwe_id":538,"name":"Insertion of Sensitive Information into Externally-Accessible File or Directory","description":"The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information."}],"exploits":[],"severity_range_score":"2.3 - 2.3","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-82pp-zyaw-wfea"}