Dahua Technology has released an extensive list of their surveillance cameras that contain authentication bypass flaws. During the login process, attackers can construct malicious data packets and bypass device identity authentication. The vulnerability severity level has a base score of 8.1 and is being tracked as CVE-2021-33044 and CVE-2021-33045.
Dahua is a China-based surveillance camera vendor that has been banned from selling its products in the United States since October 2019. However, many of their surveillance cameras were purchased before the ban took effect and are visibly in use on the Shodan platform, including both affected and non-affected models.