CVE-2017-13719— Amcrest IPM-721S 缓冲区错误漏洞
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2017-13719 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
The Amcrest IPM-721S Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. This HTTP API receives the credentials as base64 encoded in the Authorization HTTP header. However, a missing length check in the code allows an attacker to send a string of 1024 characters in the password field, and allows an attacker to exploit a memory corruption issue. This can allow an attacker to circumvent the account protection mechanism and brute force the credentials. If the firmware version Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 is dissected using the binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that has many of the binaries in the /usr folder. The binary "sonia" is the one that has the vulnerable function that performs the credential check in the binary for the HTTP API specification. If we open this binary in IDA Pro we will notice that this follows an ARM little-endian format. The function at address 00415364 in IDA Pro starts the HTTP authentication process. This function calls another function at sub_ 0042CCA0 at address 0041549C. This function performs a strchr operation after base64 decoding the credentials, and stores the result on the stack, which results in a stack-based buffer overflow.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Amcrest IPM-721S 缓冲区错误漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Amcrest IPM-721S是Amcrest公司的一款无线IP摄像头。 使用Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322版本固件的Amcrest IPM-721S中存在安全漏洞。攻击者可利用该漏洞绕过账户保护机制并暴力破解凭证。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
| 厂商 | 产品 | 影响版本 | CPE | 订阅 |
|---|---|---|---|---|
| - | n/a | n/a | - |
二、漏洞 CVE-2017-13719 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2017-13719 的情报信息
Please 登录 to view more intelligence information
同批安全公告 · n/a · 2019-07-03 · 共 74 条
| CVE-2017-18346 | CMS Web-Gooroo SQL注入漏洞 | |
| CVE-2018-11425 | Moxa OnCell G3470A-LTE 缓冲区错误漏洞 | |
| CVE-2018-10986 | Open-Xchange Guard 跨站请求伪造漏洞 | |
| CVE-2017-9327 | Cloudera Manager 授权问题漏洞 | |
| CVE-2017-9326 | Cloudera Manager 信任管理问题漏洞 | |
| CVE-2017-9325 | Cloudera Manager 授权问题漏洞 | |
| CVE-2018-15811 | DNN 加密问题漏洞 | |
| CVE-2017-6900 | RIELLO UPS NetMan 信任管理问题漏洞 | |
| CVE-2017-6216 | novaksolutions/infusionsoft-php-sdk 跨站脚本漏洞 | |
| CVE-2018-11686 | Devaldi FlexPaper 输入验证错误漏洞 | |
| CVE-2019-13186 | MiniCMS 跨站脚本漏洞 | |
| CVE-2018-15812 | DNN 安全特征问题漏洞 | |
| CVE-2017-17972 | Archon 跨站脚本漏洞 | |
| CVE-2018-18325 | DNN 加密问题漏洞 | |
| CVE-2018-18326 | DNN 安全特征问题漏洞 | |
| CVE-2018-12250 | Elite Graphix Elite CMS Pro SQL注入漏洞 | |
| CVE-2018-12715 | DIGISOL SYSTEMS DG-HR3400 跨站脚本漏洞 | |
| CVE-2019-12570 | WordPress Server Status by Hostname/IP插件SQL注入漏洞 | |
| CVE-2019-7165 | DOSBox 缓冲区错误漏洞 | |
| CVE-2018-14866 | Odoo 权限许可和访问控制问题漏洞 |
显示前 20 条,共 74 条。 查看全部 → →
IV. Related Vulnerabilities
V. Comments for CVE-2017-13719
暂无评论