1. CVE-Search
  2. CVE-2020-5735
ID CVE-2020-5735
Summary Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.
References
Vulnerable Configurations
  • cpe:2.3:o:amcrest:1080-lite_8ch_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:1080-lite_8ch_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:1080-lite_8ch:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:1080-lite_8ch:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:amdv10814-h5_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:amdv10814-h5_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:amdv10814-h5:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:amdv10814-h5:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ipm-721_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ipm-721_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ipm-721:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ipm-721:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip2m-841_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip2m-841_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip2m-841:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip2m-841:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip2m-841-v3_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip2m-841-v3_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip2m-841-v3:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip2m-841-v3:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip2m-853ew_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip2m-853ew_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip2m-853ew:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip2m-853ew:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip2m-858w_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip2m-858w_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip2m-858w:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip2m-858w:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip2m-866w_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip2m-866w_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip2m-866w:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip2m-866w:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip2m-866ew_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip2m-866ew_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip2m-866ew:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip2m-866ew:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip4m-1053ew_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip4m-1053ew_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip4m-1053ew:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip4m-1053ew:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip8m-2454ew_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip8m-2454ew_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip8m-2454ew:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip8m-2454ew:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip8m-2493eb_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip8m-2493eb_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip8m-2493eb:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip8m-2493eb:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip8m-2496eb_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip8m-2496eb_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip8m-2496eb:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip8m-2496eb:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip8m-2597e_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip8m-2597e_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip8m-2597e:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip8m-2597e:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip8m-mb2546ew_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip8m-mb2546ew_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip8m-mb2546ew:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip8m-mb2546ew:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip8m-mt2544ew_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip8m-mt2544ew_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip8m-mt2544ew:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip8m-mt2544ew:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ip8m-t2499ew_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ip8m-t2499ew_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ip8m-t2499ew:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ip8m-t2499ew:-:*:*:*:*:*:*:*
  • cpe:2.3:o:amcrest:ipm-hx1_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:amcrest:ipm-hx1_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:amcrest:ipm-hx1:-:*:*:*:*:*:*:*
    cpe:2.3:h:amcrest:ipm-hx1:-:*:*:*:*:*:*:*
CVSS
Base: 8.0 (as of 09-04-2020 - 19:52)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:P/A:C
refmap via4
misc
Last major update 09-04-2020 - 19:52
Published 08-04-2020 - 13:15
Last modified 09-04-2020 - 19:52
Back to Top