CVSS: 9.8EPSS: 66%CPEs: 2EXPL: 1CVE-2017-8229 – Amcrest IPM-721S Credential Disclosure / Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-8229
07 Jun 2019 — Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that many of the binaries in the /usr folder. The binary "sonia" is the one that has the vulnerable function that sets up the default credentials on the device. If one opens this binary in IDA-pro... • http://packetstormsecurity.com/files/153224/Amcrest-IPM-721S-Credential-Disclosure-Privilege-Escalation.html • CWE-255: Credentials Management Errors •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16546
https://notcve.org/view.php?id=CVE-2018-16546
05 Sep 2018 — Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206. Los dispositivos en red de Amcrest emplean la misma clave privada SSL embebida en diferentes instalaciones de cliente, lo que permite que atacantes remotos superen los mecanismos de... • https://seclists.org/bugtraq/2018/Sep/6 • CWE-798: Use of Hard-coded Credentials •