Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-13719 | 7.5 |
The Amcrest IPM-721S Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. Thi
|
17-07-2019 - 15:09 | 03-07-2019 - 20:15 | |
CVE-2017-8230 | 4.0 |
On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". However, as a part of security analysis it was identified that a low privileged user who belongs to the "user" group and who
|
11-07-2019 - 02:31 | 03-07-2019 - 20:15 | |
CVE-2017-8229 | 5.0 |
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.ext
|
11-07-2019 - 02:29 | 03-07-2019 - 20:15 | |
CVE-2017-8228 | 6.8 |
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. Amcrest cloud services does not perform a thorough verification when allowing the user to add a new camera to the user's account to ensure that the user a
|
11-07-2019 - 02:28 | 03-07-2019 - 20:15 | |
CVE-2017-8227 | 5.0 |
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device. However, if the same brute force attempt i
|
11-07-2019 - 01:58 | 03-07-2019 - 20:15 | |
CVE-2017-8226 | 7.5 |
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected u
|
11-07-2019 - 01:49 | 03-07-2019 - 20:15 |