Amcrest Security Camera Vulnerability

As been wrote at ThreatPost, there is around six vulnerability have been found in Amcrest Security Camera by Mandar Satam, a senior security researcher at Synopsys as follows:

  1. CVE-2017-8226
  2. CVE-2017-8227
  3. CVE-2017-8228
  4. CVE-2017-8229 (Serious Bug)
  5. CVE-2017-8230
  6. CVE-2017-13719 (Serious Bug)

The Vulnerability is only effect Amcrest HDSeries model IPM-721S cameras

Satam have told to Threatpost that

It’s sad to say, these are not terribly unique vulnerabilities and quite typical of what we see industry-wide

Satam also wrote as follows:

The device allows HTTP requests that allow enabling various functionalities of the camera by using HTTP APIs instead of the web management interface that is provided by the application

Remediation

All user affected will need to update their Amcrest Device firmware to the latest version

Source: Critical Flaws in Amcrest HDSeries Camera Allow Complete Takeover

Author: Wan Ariff

He brings with him more than 2 years of working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *