CVE-2017-8229— Amcrest IPM-721S 信任管理问题漏洞
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2017-8229 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that many of the binaries in the /usr folder. The binary "sonia" is the one that has the vulnerable function that sets up the default credentials on the device. If one opens this binary in IDA-pro one will notice that this follows a ARM little endian format. The function sub_436D6 in IDA pro is identified to be setting up the configuration for the device. If one scrolls to the address 0x000437C2 then one can see that /current_config is being set as an ALIAS for /mnt/mtd/Config folder on the device. If one TELNETs into the device and navigates to /mnt/mtd/Config folder, one can observe that it contains various files such as Account1, Account2, SHAACcount1, etc. This means that if one navigates to http://[IPofcamera]/current_config/Sha1Account1 then one should be able to view the content of the files. The security researchers assumed that this was only possible only after authentication to the device. However, when unauthenticated access tests were performed for the same URL as provided above, it was observed that the device file could be downloaded without any authentication.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Amcrest IPM-721S 信任管理问题漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Amcrest IPM-721S是Amcrest公司的一款无线IP摄像头。 Amcrest IPM-721S V2.420.AC00.16.R.20160909版本中存在安全漏洞。攻击者可利用该漏洞下载管理凭证。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
| 厂商 | 产品 | 影响版本 | CPE | 订阅 |
|---|---|---|---|---|
| - | n/a | n/a | - |
二、漏洞 CVE-2017-8229 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-8229.yaml | POC详情 |
| 2 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/Amcrest%20IP%20Camera%20Web%20Sha1Account1%20%E8%B4%A6%E5%8F%B7%E5%AF%86%E7%A0%81%E6%B3%84%E6%BC%8F%E6%BC%8F%E6%B4%9E%20CVE-2017-8229.md | POC详情 |
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2017-8229 的情报信息
Please 登录 to view more intelligence information
同批安全公告 · n/a · 2019-07-03 · 共 74 条
| CVE-2017-18346 | CMS Web-Gooroo SQL注入漏洞 | |
| CVE-2018-11425 | Moxa OnCell G3470A-LTE 缓冲区错误漏洞 | |
| CVE-2018-10986 | Open-Xchange Guard 跨站请求伪造漏洞 | |
| CVE-2017-9327 | Cloudera Manager 授权问题漏洞 | |
| CVE-2017-9326 | Cloudera Manager 信任管理问题漏洞 | |
| CVE-2017-9325 | Cloudera Manager 授权问题漏洞 | |
| CVE-2018-15811 | DNN 加密问题漏洞 | |
| CVE-2017-6900 | RIELLO UPS NetMan 信任管理问题漏洞 | |
| CVE-2017-6216 | novaksolutions/infusionsoft-php-sdk 跨站脚本漏洞 | |
| CVE-2018-11686 | Devaldi FlexPaper 输入验证错误漏洞 | |
| CVE-2019-13186 | MiniCMS 跨站脚本漏洞 | |
| CVE-2018-15812 | DNN 安全特征问题漏洞 | |
| CVE-2017-17972 | Archon 跨站脚本漏洞 | |
| CVE-2018-18325 | DNN 加密问题漏洞 | |
| CVE-2018-18326 | DNN 安全特征问题漏洞 | |
| CVE-2018-12250 | Elite Graphix Elite CMS Pro SQL注入漏洞 | |
| CVE-2018-12715 | DIGISOL SYSTEMS DG-HR3400 跨站脚本漏洞 | |
| CVE-2019-12570 | WordPress Server Status by Hostname/IP插件SQL注入漏洞 | |
| CVE-2019-7165 | DOSBox 缓冲区错误漏洞 | |
| CVE-2018-14866 | Odoo 权限许可和访问控制问题漏洞 |
显示前 20 条,共 74 条。 查看全部 → →
IV. Related Vulnerabilities
V. Comments for CVE-2017-8229
暂无评论