CVE-2020-5736

Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device.
References
Link Resource
https://www.tenable.com/security/research/tra-2020-20 Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:amcrest:1080-lite_8ch_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:1080-lite_8ch:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:amcrest:amdv10814-h5_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:amdv10814-h5:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:amcrest:ipm-721_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ipm-721:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:amcrest:ip2m-841_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip2m-841:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:amcrest:ip2m-841-v3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip2m-841-v3:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:amcrest:ip2m-853ew_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip2m-853ew:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:amcrest:ip2m-858w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip2m-858w:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:amcrest:ip2m-866w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip2m-866w:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:amcrest:ip2m-866ew_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip2m-866ew:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:amcrest:ip4m-1053ew_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip4m-1053ew:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:amcrest:ip8m-2454ew_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip8m-2454ew:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:amcrest:ip8m-2493eb_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip8m-2493eb:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:amcrest:ip8m-2496eb_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip8m-2496eb:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:amcrest:ip8m-2597e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip8m-2597e:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:amcrest:ip8m-mb2546ew_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip8m-mb2546ew:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:amcrest:ip8m-mt2544ew_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip8m-mt2544ew:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:amcrest:ip8m-t2499ew_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ip8m-t2499ew:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:amcrest:ipm-hx1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amcrest:ipm-hx1:-:*:*:*:*:*:*:*

Information

Published : 2020-04-08 06:15

Updated : 2020-04-09 13:15


NVD link : CVE-2020-5736

Mitre link : CVE-2020-5736


JSON object : View

CWE
CWE-476

NULL Pointer Dereference

Advertisement

dedicated server usa

Products Affected

amcrest

  • ip8m-2597e
  • 1080-lite_8ch_firmware
  • ip2m-853ew_firmware
  • ip2m-858w
  • ip2m-841
  • 1080-lite_8ch
  • ip8m-2493eb
  • ip2m-841_firmware
  • amdv10814-h5
  • ip8m-t2499ew
  • ip8m-2493eb_firmware
  • ip2m-866w
  • amdv10814-h5_firmware
  • ip4m-1053ew
  • ipm-721_firmware
  • ip8m-2496eb_firmware
  • ip8m-2597e_firmware
  • ip2m-841-v3_firmware
  • ip8m-2496eb
  • ip8m-mt2544ew
  • ip8m-2454ew
  • ip4m-1053ew_firmware
  • ip8m-2454ew_firmware
  • ip8m-t2499ew_firmware
  • ip2m-853ew
  • ip2m-858w_firmware
  • ipm-hx1
  • ip2m-841-v3
  • ip8m-mb2546ew
  • ip8m-mb2546ew_firmware
  • ip2m-866ew_firmware
  • ip8m-mt2544ew_firmware
  • ipm-hx1_firmware
  • ipm-721
  • ip2m-866w_firmware
  • ip2m-866ew