CVE-2020-5735

Published: Apr 8, 2020Modified: Oct 31, 2025CISA KEV

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.

Affected (18)

Products: Amcrest: 1080 Lite 8ch Firmware, Amdv10814 H5 Firmware, Ipm 721 Firmware, Ip2m 841 Firmware, Ip2m 841 V3 Firmware, Ip2m 853ew Firmware, Ip2m 858w Firmware, Ip2m 866w Firmware, Ip2m 866ew Firmware, Ip4m 1053ew Firmware, Ip8m 2454ew Firmware, Ip8m 2493eb Firmware, Ip8m 2496eb Firmware, Ip8m 2597e Firmware, Ip8m Mb2546ew Firmware, Ip8m Mt2544ew Firmware, Ip8m T2499ew Firmware, Ipm Hx1 Firmware

Amcrest

18 products

1080 Lite 8ch Firmware

Amdv10814 H5 Firmware

Ip8m Mb2546ew Firmware

Ip8m Mt2544ew Firmware

Ip8m T2499ew Firmware

Ipm Hx1 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest 1080 Lite 8ch Firmware	All versions

Running on/with	Platform Versions
Amcrest 1080 Lite 8ch	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Amdv10814 H5 Firmware	All versions

Running on/with	Platform Versions
Amcrest Amdv10814 H5	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ipm 721 Firmware	Before v2.420.ac00.18.r.20200217

Running on/with	Platform Versions
Amcrest Ipm 721	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip2m 841 Firmware	Before v2.420.ac00.18.r.20200217

Running on/with	Platform Versions
Amcrest Ip2m 841	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip2m 841 V3 Firmware	Before v2.800.0000000.6.r.200314

Running on/with	Platform Versions
Amcrest Ip2m 841 V3	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip2m 853ew Firmware	Before v2.623.00ac004.0.r.200316

Running on/with	Platform Versions
Amcrest Ip2m 853ew	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip2m 858w Firmware	Before v2.623.00ac004.0.r.200316

Running on/with	Platform Versions
Amcrest Ip2m 858w	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip2m 866w Firmware	Before v2.623.00ac004.0.r.200316

Running on/with	Platform Versions
Amcrest Ip2m 866w	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip2m 866ew Firmware	Before v2.623.00ac004.0.r.200316

Running on/with	Platform Versions
Amcrest Ip2m 866ew	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip4m 1053ew Firmware	Before v2.623.00ac004.0.r.200316

Running on/with	Platform Versions
Amcrest Ip4m 1053ew	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip8m 2454ew Firmware	Before v2.622.00ac000.0.r.200320

Running on/with	Platform Versions
Amcrest Ip8m 2454ew	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip8m 2493eb Firmware	Before v2.622.00ac000.0.r.200320

Running on/with	Platform Versions
Amcrest Ip8m 2493eb	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip8m 2496eb Firmware	Before v2.622.00ac000.0.r.200320

Running on/with	Platform Versions
Amcrest Ip8m 2496eb	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip8m 2597e Firmware	Before v2.800.00ac000.0.r.200330

Running on/with	Platform Versions
Amcrest Ip8m 2597e	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip8m Mb2546ew Firmware	Before v2.622.00ac000.0.r.200320

Running on/with	Platform Versions
Amcrest Ip8m Mb2546ew	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip8m Mt2544ew Firmware	Before v2.622.00ac000.0.r.200320

Running on/with	Platform Versions
Amcrest Ip8m Mt2544ew	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ip8m T2499ew Firmware	Before v2.622.00ac000.0.r.200320

Running on/with	Platform Versions
Amcrest Ip8m T2499ew	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Amcrest Ipm Hx1 Firmware	Before v2.420.ac00.18.r.20200217

Running on/with	Platform Versions
Amcrest Ipm Hx1	All versions

Related CWEs

CWE-121

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (5)

http://packetstormsecurity.com/files/157164/Amcrest-Dahua-NVR-Camera-IP2M-841-Denial-Of-Service.html

Source: vulnreport@tenable.com

ExploitThird Party AdvisoryVDB Entry

https://www.tenable.com/security/research/tra-2020-20

Source: vulnreport@tenable.com

Third Party Advisory

http://packetstormsecurity.com/files/157164/Amcrest-Dahua-NVR-Camera-IP2M-841-Denial-Of-Service.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

https://www.tenable.com/security/research/tra-2020-20

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5735

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.