IDCVSSSummaryLast (major) updatePublished
CVE-2017-8228 6.8
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. Amcrest cloud services does not perform a thorough verification when allowing the user to add a new camera to the user's account to ensure that the user a
11-07-2019 - 02:28 03-07-2019 - 20:15
CVE-2017-8227 5.0
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device. However, if the same brute force attempt i
11-07-2019 - 01:58 03-07-2019 - 20:15
CVE-2017-8230 4.0
On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". However, as a part of security analysis it was identified that a low privileged user who belongs to the "user" group and who
11-07-2019 - 02:31 03-07-2019 - 20:15
CVE-2017-8226 7.5
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected u
11-07-2019 - 01:49 03-07-2019 - 20:15
CVE-2017-8229 5.0
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.ext
11-07-2019 - 02:29 03-07-2019 - 20:15
Back to Top Mark selected
Back to Top