Vulnerabilities > Amcrest > IPM 721S Firmware > 2.420.ac00.16.r.20160909

DATE CVE VULNERABILITY TITLE RISK
2019-07-03 CVE-2017-8230 Permissions, Privileges, and Access Controls vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909
On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user".
network
low complexity
amcrest CWE-264
8.8
2019-07-03 CVE-2017-8229 Credentials Management vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials.
network
low complexity
amcrest CWE-255
critical
9.8
2019-07-03 CVE-2017-8228 Permissions, Privileges, and Access Controls vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours.
network
low complexity
amcrest CWE-264
8.8
2019-07-03 CVE-2017-8227 7PK - Security Features vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device.
network
low complexity
amcrest CWE-254
critical
9.8
2019-07-03 CVE-2017-8226 Use of Hard-coded Credentials vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them.
network
low complexity
amcrest CWE-798
critical
9.8