Vulnerabilities > Amcrest > IPM 721S Firmware > 2.420.ac00.16.r.20160909
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-03 | CVE-2017-8230 | Permissions, Privileges, and Access Controls vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". | 8.8 |
| 2019-07-03 | CVE-2017-8229 | Credentials Management vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. | 9.8 |
| 2019-07-03 | CVE-2017-8228 | Permissions, Privileges, and Access Controls vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. | 8.8 |
| 2019-07-03 | CVE-2017-8227 | 7PK - Security Features vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device. | 9.8 |
| 2019-07-03 | CVE-2017-8226 | Use of Hard-coded Credentials vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. | 9.8 |