Repository with tools, exploits and research artefacts related to the analysis and discovery of CVE-2025-31702 and related issues.
More info and deep-dive: https://labs.itresit.es/2025/10/15/dahua-cve-2025-31702-p2p-auto-update-eop/
This project collects the material used in the investigation of CVE-2025-31702 and related operational issues (notably P2P/Easy4IP exposure and auto-update inconsistencies). It includes lab scripts, parsers and notes that helped reproduce and validate behaviours seen during DFIR. The code is intended for defensive use in authorized environments only.
- Provide safe, auditable utilities for defenders to validate their deployments.
- Offer detection ideas and mitigation guidance SOC/IR teams can adopt.
- Keep research artifacts and PoCs documented for transparency.
READ THIS BEFORE USING ANY TOOL
This repository contains tools that interact with vendor infrastructure and devices. They are intended only for use on devices you own or systems for which you have explicit written permission to test.
- Unauthorized use is likely illegal and may cause service disruption.
- Before running tools against any network/device, get written authorization.
Minimum environment:
- Python 3.10+