CVE Tools

amcrest

ICS / OT / IoTUScommercial

7

Cumulative CVEs

1

Monthly snapshots

#64

Peak rank

Top products

ipm-721s firmware6 ip2m-841b firmware1

Latest CVEs

The 12 most recently published vulnerabilities affecting amcrest.

CVE-2024-12984Amcrest IP2M-841B Web Interface webCapsConfig information disclosure5.3Dec 27, 2024
CVE-2020-5735Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.KEV8.8Apr 8, 2020
CVE-2020-5736Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device.6.5Apr 8, 2020
CVE-2020-7222An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. The login page responds with JavaScript when one tries to authenticate. An attacker who changes the result...5.3Jan 17, 2020
CVE-2019-3948The Amcrest IP2M-841B V2.520.AC00.18.R, Dahua IPC-XXBXX V2.622.0000000.9.R, Dahua IPC HX5X3X and HX4X3X V2.800.0000008.0.R, Dahua DH-IPC HX883X and DH-IPC-HX863X V2.622.0000000.7.R, Dahua DH-SD4XXX...7.5Jul 29, 2019
CVE-2017-13719The Amcrest IPM-721S Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web manageme...9.8Jul 3, 2019
CVE-2017-8228Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. Amcrest cloud services does not perform a thorough verification when allowing the user to add a new c...8.8Jul 3, 2019
CVE-2017-8227Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by t...9.8Jul 3, 2019
CVE-2017-8230On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". However, as a part of security analysis it was identified that a low pri...8.8Jul 3, 2019
CVE-2017-8226Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firm...9.8Jul 3, 2019
CVE-2017-8229Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using...9.8Jul 3, 2019
CVE-2018-16546Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging...5.9Sep 5, 2018