25 matches found
VulnCheck KEV: CVE-2013-6117
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777...
The vulnerability arises from the implementation of the automatic update method for server names in the Dynamic DNS system for domain names in systems using Amcrest IP cameras. This allows a perpetrator to execute arbitrary code or cause a service failure.
The vulnerability of the implementation of the automatic update method for domain names in Dynamic DNS systems of Amcrest IP cameras relates to the writing of data beyond the buffer boundaries in memory when using the 0x62 command with the 0x04 subcommand. Exploiting this vulnerability allows a...
VulnCheck KEV: CVE-2020-5735
Amcrest cameras and NVR contain a stack-based buffer overflow vulnerability through port 37777 that allows an unauthenticated, remote attacker to crash the device and possibly execute code...
Amcrest Cameras and NVR Stack-based Buffer Overflow Vulnerability
Amcrest cameras and NVR contain a stack-based buffer overflow vulnerability through port 37777 that allows an unauthenticated, remote attacker to crash the device and possibly execute code...
CVE-2020-5736
Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device...
CVE-2020-5735
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code...
CVE-2020-5736
Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device...
CVE-2020-5735
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code...
Null pointer dereference
Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device...
Stack overflow
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code...
CVE-2020-5735
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code...
CVE-2020-5736
Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device...
CVE-2020-5736
CVE-2020-5736 concerns Amcrest cameras/NVRs vulnerable to a null pointer dereference via port 37777. The underlying issue is a null pointer dereference that, when exploited by an authenticated remote attacker, can crash the device, causing denial of service. The available connected data consisten...
CVE-2020-5735
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value:...
Trivial Bug Turns Home Security Cameras Into Listening Posts
A vulnerability in the consumer-grade Amcrest IP2M-841B IP home security video camera would allow an attacker to remotely listen to the camera’s audio over the internet, without authentication. “Essentially, if this thing is connected directly to the internet, it’s anyone’s listening device,”...
CVE-2017-6432
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of...
CVE-2017-6432
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of...
Information disclosure
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of...
CVE-2017-6432
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of...
CVE-2017-6432
The CVE-2017-6432 entry concerns Dahua DHI-HCVR7216A-S3 devices (firmware 3.210.0001.10, build 2016-06-06). The Dahua DVR protocol on TCP port 37777 is an unencrypted binary protocol; a Man-in-the-Middle can sniff and inject packets, enabling creation of fully privileged new users and capture of ...