
CVE-2017-13719 – Amcrest IPM-721S Credential Disclosure / Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-13719
07 Jun 2019 — The Amcrest IPM-721S Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. This HTTP API receives the credentials as base64 encoded in the Authorization HTTP header. However, a missing length check in the code allows an attacker to send a string of 1024 characters in the password field, and allows an attacker to exploit a memory corruptio... • https://packetstorm.news/files/id/153224 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2018-16546
https://notcve.org/view.php?id=CVE-2018-16546
05 Sep 2018 — Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206. • https://seclists.org/bugtraq/2018/Sep/6 • CWE-798: Use of Hard-coded Credentials