CVE-2020-5735
| CVE Published | 2020-04-08 |
|---|---|
| Related CWE(s) | CWE-121: Stack-based Buffer Overflow, CWE-787: Out-of-bounds Write |
| Related Vendor(s) | amcrest |
| Related Product(s) | ip8m-2454ew_firmware, ip8m-2597e_firmware, ip2m-858w_firmware, ip8m-mb2546ew_firmware, ip2m-841-v3_firmware, ipm-hx1_firmware, amdv10814-h5_firmware, ip8m-2496eb_firmware, ip8m-mt2544ew_firmware, ip2m-841_firmware, ip8m-t2499ew_firmware, ip4m-1053ew_firmware, ip8m-2493eb_firmware, ipm-721_firmware, ip2m-866w_firmware, 1080-lite_8ch_firmware, ip2m-866ew_firmware, ip2m-853ew_firmware |
| Exploitation Reported (CISA KEV) | 2021-11-03 |
| CVSS 3 Base Score | 8.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | NETWORK |
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph