CVE-2020-5735
Amcrest Cameras and NVR Stack-based Buffer Overflow Vulnerability
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
Yes
*KEV
Decision
-
*SSVC
Descriptions
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.
Las cámaras y NVR Amcrest , son vulnerables a un desbordamiento del búfer en la región stack de la memoria sobre el puerto 37777. Un atacante remoto autenticado puede abusar de este problema para bloquear el dispositivo y posiblemente ejecutar código arbitrario.
Amcrest cameras and NVR contain a stack-based buffer overflow vulnerability through port 37777 that allows an unauthenticated, remote attacker to crash the device and possibly execute code.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-01-06 CVE Reserved
- 2020-04-08 CVE Published
- 2020-04-08 First Exploit
- 2021-11-03 Exploited in Wild
- 2022-05-03 KEV Due Date
- 2024-08-04 CVE Updated
- 2024-12-17 EPSS Updated
CWE
- CWE-121: Stack-based Buffer Overflow
- CWE-787: Out-of-bounds Write
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://www.tenable.com/security/research/tra-2020-20 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/48304 | 2020-04-08 | |
| http://packetstormsecurity.com/files/157164/Amcrest-Dahua-NVR-Camera-IP2M-841-Denial-Of-Service.html | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Amcrest Search vendor "Amcrest" | 1080-lite 8ch Firmware Search vendor "Amcrest" for product "1080-lite 8ch Firmware" | - | - |
Affected
| in | Amcrest Search vendor "Amcrest" | 1080-lite 8ch Search vendor "Amcrest" for product "1080-lite 8ch" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Amdv10814-h5 Firmware Search vendor "Amcrest" for product "Amdv10814-h5 Firmware" | - | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Amdv10814-h5 Search vendor "Amcrest" for product "Amdv10814-h5" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ipm-721 Firmware Search vendor "Amcrest" for product "Ipm-721 Firmware" | < v2.420.ac00.18.r.20200217 Search vendor "Amcrest" for product "Ipm-721 Firmware" and version " < v2.420.ac00.18.r.20200217" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ipm-721 Search vendor "Amcrest" for product "Ipm-721" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip2m-841 Firmware Search vendor "Amcrest" for product "Ip2m-841 Firmware" | < v2.420.ac00.18.r.20200217 Search vendor "Amcrest" for product "Ip2m-841 Firmware" and version " < v2.420.ac00.18.r.20200217" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip2m-841 Search vendor "Amcrest" for product "Ip2m-841" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip2m-841-v3 Firmware Search vendor "Amcrest" for product "Ip2m-841-v3 Firmware" | < v2.800.0000000.6.r.200314 Search vendor "Amcrest" for product "Ip2m-841-v3 Firmware" and version " < v2.800.0000000.6.r.200314" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip2m-841-v3 Search vendor "Amcrest" for product "Ip2m-841-v3" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip2m-853ew Firmware Search vendor "Amcrest" for product "Ip2m-853ew Firmware" | < v2.623.00ac004.0.r.200316 Search vendor "Amcrest" for product "Ip2m-853ew Firmware" and version " < v2.623.00ac004.0.r.200316" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip2m-853ew Search vendor "Amcrest" for product "Ip2m-853ew" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip2m-858w Firmware Search vendor "Amcrest" for product "Ip2m-858w Firmware" | < v2.623.00ac004.0.r.200316 Search vendor "Amcrest" for product "Ip2m-858w Firmware" and version " < v2.623.00ac004.0.r.200316" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip2m-858w Search vendor "Amcrest" for product "Ip2m-858w" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip2m-866w Firmware Search vendor "Amcrest" for product "Ip2m-866w Firmware" | < v2.623.00ac004.0.r.200316 Search vendor "Amcrest" for product "Ip2m-866w Firmware" and version " < v2.623.00ac004.0.r.200316" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip2m-866w Search vendor "Amcrest" for product "Ip2m-866w" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip2m-866ew Firmware Search vendor "Amcrest" for product "Ip2m-866ew Firmware" | < v2.623.00ac004.0.r.200316 Search vendor "Amcrest" for product "Ip2m-866ew Firmware" and version " < v2.623.00ac004.0.r.200316" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip2m-866ew Search vendor "Amcrest" for product "Ip2m-866ew" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip4m-1053ew Firmware Search vendor "Amcrest" for product "Ip4m-1053ew Firmware" | < v2.623.00ac004.0.r.200316 Search vendor "Amcrest" for product "Ip4m-1053ew Firmware" and version " < v2.623.00ac004.0.r.200316" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip4m-1053ew Search vendor "Amcrest" for product "Ip4m-1053ew" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip8m-2454ew Firmware Search vendor "Amcrest" for product "Ip8m-2454ew Firmware" | < v2.622.00ac000.0.r.200320 Search vendor "Amcrest" for product "Ip8m-2454ew Firmware" and version " < v2.622.00ac000.0.r.200320" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip8m-2454ew Search vendor "Amcrest" for product "Ip8m-2454ew" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip8m-2493eb Firmware Search vendor "Amcrest" for product "Ip8m-2493eb Firmware" | < v2.622.00ac000.0.r.200320 Search vendor "Amcrest" for product "Ip8m-2493eb Firmware" and version " < v2.622.00ac000.0.r.200320" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip8m-2493eb Search vendor "Amcrest" for product "Ip8m-2493eb" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip8m-2496eb Firmware Search vendor "Amcrest" for product "Ip8m-2496eb Firmware" | < v2.622.00ac000.0.r.200320 Search vendor "Amcrest" for product "Ip8m-2496eb Firmware" and version " < v2.622.00ac000.0.r.200320" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip8m-2496eb Search vendor "Amcrest" for product "Ip8m-2496eb" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip8m-2597e Firmware Search vendor "Amcrest" for product "Ip8m-2597e Firmware" | < v2.800.00ac000.0.r.200330 Search vendor "Amcrest" for product "Ip8m-2597e Firmware" and version " < v2.800.00ac000.0.r.200330" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip8m-2597e Search vendor "Amcrest" for product "Ip8m-2597e" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip8m-mb2546ew Firmware Search vendor "Amcrest" for product "Ip8m-mb2546ew Firmware" | < v2.622.00ac000.0.r.200320 Search vendor "Amcrest" for product "Ip8m-mb2546ew Firmware" and version " < v2.622.00ac000.0.r.200320" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip8m-mb2546ew Search vendor "Amcrest" for product "Ip8m-mb2546ew" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip8m-mt2544ew Firmware Search vendor "Amcrest" for product "Ip8m-mt2544ew Firmware" | < v2.622.00ac000.0.r.200320 Search vendor "Amcrest" for product "Ip8m-mt2544ew Firmware" and version " < v2.622.00ac000.0.r.200320" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip8m-mt2544ew Search vendor "Amcrest" for product "Ip8m-mt2544ew" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ip8m-t2499ew Firmware Search vendor "Amcrest" for product "Ip8m-t2499ew Firmware" | < v2.622.00ac000.0.r.200320 Search vendor "Amcrest" for product "Ip8m-t2499ew Firmware" and version " < v2.622.00ac000.0.r.200320" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ip8m-t2499ew Search vendor "Amcrest" for product "Ip8m-t2499ew" | - | - |
Safe
|
| Amcrest Search vendor "Amcrest" | Ipm-hx1 Firmware Search vendor "Amcrest" for product "Ipm-hx1 Firmware" | < v2.420.ac00.18.r.20200217 Search vendor "Amcrest" for product "Ipm-hx1 Firmware" and version " < v2.420.ac00.18.r.20200217" | - |
Affected
| in | Amcrest Search vendor "Amcrest" | Ipm-hx1 Search vendor "Amcrest" for product "Ipm-hx1" | - | - |
Safe
|