CVE-2020-5735 - OpenCVE

Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Complete

AV:N/AC:L/Au:S/C:P/I:P/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Amcrest	1080-lite 8ch 1080-lite 8ch Firmware Amdv10814-h5 Amdv10814-h5 Firmware Ip2m-841 Ip2m-841-v3 Ip2m-841-v3 Firmware Ip2m-841 Firmware Ip2m-853ew Ip2m-853ew Firmware Ip2m-858w Ip2m-858w Firmware Ip2m-866ew Ip2m-866ew Firmware Ip2m-866w Ip2m-866w Firmware Ip4m-1053ew Ip4m-1053ew Firmware Ip8m-2454ew Ip8m-2454ew Firmware Ip8m-2493eb Ip8m-2493eb Firmware Ip8m-2496eb Ip8m-2496eb Firmware Ip8m-2597e Ip8m-2597e Firmware Ip8m-mb2546ew Ip8m-mb2546ew Firmware Ip8m-mt2544ew Ip8m-mt2544ew Firmware Ip8m-t2499ew Ip8m-t2499ew Firmware Ipm-721 Ipm-721 Firmware Ipm-hx1 Ipm-hx1 Firmware

Configuration 1 [-]

AND

cpe:2.3:h:amcrest:1080-lite_8ch:-:*:*:*:*:*:*:*

cpe:2.3:o:amcrest:1080-lite_8ch_firmware:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:amcrest:amdv10814-h5:-:*:*:*:*:*:*:*

cpe:2.3:o:amcrest:amdv10814-h5_firmware:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:h:amcrest:ipm-721:-:*:*:*:*:*:*:*

cpe:2.3:o:amcrest:ipm-721_firmware:*:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:h:amcrest:ip2m-841:-:*:*:*:*:*:*:*

cpe:2.3:o:amcrest:ip2m-841_firmware:*:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:h:amcrest:ip2m-841-v3:-:*:*:*:*:*:*:*

cpe:2.3:o:amcrest:ip2m-841-v3_firmware:*:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:h:amcrest:ip2m-853ew:-:*:*:*:*:*:*:*

cpe:2.3:o:amcrest:ip2m-853ew_firmware:*:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:h:amcrest:ip2m-858w:-:*:*:*:*:*:*:*

cpe:2.3:o:amcrest:ip2m-858w_firmware:*:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:h:amcrest:ip2m-866w:-:*:*:*:*:*:*:*

cpe:2.3:o:amcrest:ip2m-866w_firmware:*:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:amcrest:ip2m-866ew_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amcrest:ip2m-866ew:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:amcrest:ip4m-1053ew_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amcrest:ip4m-1053ew:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:amcrest:ip8m-2454ew_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amcrest:ip8m-2454ew:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:amcrest:ip8m-2493eb_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amcrest:ip8m-2493eb:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:amcrest:ip8m-2496eb_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amcrest:ip8m-2496eb:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:amcrest:ip8m-2597e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amcrest:ip8m-2597e:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:amcrest:ip8m-mb2546ew_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amcrest:ip8m-mb2546ew:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:amcrest:ip8m-mt2544ew_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amcrest:ip8m-mt2544ew:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:amcrest:ip8m-t2499ew_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amcrest:ip8m-t2499ew:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:amcrest:ipm-hx1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:amcrest:ipm-hx1:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/157164/Amcrest-Dahua-NVR-Camera-IP2M-841-Denial-Of-Service.html
https://www.tenable.com/security/research/tra-2020-20

History

No history.

MITRE

Status: PUBLISHED

Assigner: tenable

Published: 2020-04-08T12:42:25

Updated: 2024-08-04T08:39:25.700Z

Reserved: 2020-01-06T00:00:00

Link: CVE-2020-5735

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-04-08T13:15:13.003

Modified: 2020-04-09T19:52:38.903

Link: CVE-2020-5735

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object