Vulnerabilities > Amcrest > IPM 721S Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-03 | CVE-2017-8230 | Permissions, Privileges, and Access Controls vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". | 8.8 |
| 2019-07-03 | CVE-2017-8229 | Credentials Management vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. | 9.8 |
| 2019-07-03 | CVE-2017-8228 | Permissions, Privileges, and Access Controls vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. | 8.8 |
| 2019-07-03 | CVE-2017-8227 | 7PK - Security Features vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device. | 9.8 |
| 2019-07-03 | CVE-2017-8226 | Use of Hard-coded Credentials vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. | 9.8 |
| 2019-07-03 | CVE-2017-13719 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Amcrest Ipm-721S Firmware Amcrestipcawxxengnv2.420.Ac00.17.R.20170322 The Amcrest IPM-721S Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. | 9.8 |