Filtered by vendor Amcrest
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5736 | 1 Amcrest | 36 1080-lite 8ch, 1080-lite 8ch Firmware, Amdv10814-h5 and 33 more | 2020-04-09 | 6.8 MEDIUM | 6.5 MEDIUM |
| Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device. | |||||
| CVE-2020-7222 | 1 Amcrest | 1 Web Server | 2020-01-29 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. The login page responds with JavaScript when one tries to authenticate. An attacker who changes the result parameter (to true) in this JavaScript code can bypass authentication and achieve limited privileges (ability to see every option but not modify them). | |||||
| CVE-2018-16546 | 1 Amcrest | 1 Amcrest Ipc-hx1x3x-lexus Eng N Amcrest | 2019-10-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206. | |||||