CVE-2017-8229 Scanner
CVE-2017-8229 scanner - Credential Disclosure vulnerability in Amcrest IP Camera Web Management
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month
Scan only one
URL
Toolbox
-
Amcrest IPM-721S V2.420.AC00.16.R.20160909 is a popular device used for home surveillance, which is controlled through an online interface. This device enables people to check their homes from remote locations, using the Internet as a medium. Unfortunately, this device incorporates a critical vulnerability detected by security researchers, known as CVE-2018-19287.
CVE-2018-19287 is a vulnerability that can be found in the Amcrest IPM-721S V2.420.AC00.16.R.20160909 device. This vulnerability was detected by security researchers who pointed out that anyone can download the administrative credentials without authentication. The vulnerability is caused by a binary file named "sonia," which configures the device's default credentials. The vulnerability is present in the ARM little endian format, which makes it easy to be exploited.
When CVE-2018-19287 vulnerability is exploited in the Amcrest IPM-721S V2.420.AC00.16.R.20160909 home surveillance device, it can lead to unauthorized access to people's private and sensitive information. The vulnerability allows anyone with access to the device to download the administrative credentials without any need for authentication. As a result, this makes it possible for malicious actors to gain access to private information, such as login information, password details, and other sensitive data.
s4e.io is an online platform known for detecting and reporting vulnerabilities in digital assets like home surveillance devices, web applications, mobile apps, and more. With the pro features of the s4e.io platform, users can easily and quickly learn about vulnerabilities in their digital assets by subscribing to their online security feeds. This ensures that users can stay up-to-date with the latest security vulnerabilities and patches, reducing their chances of being hacked.
REFERENCES
