high
8.8
CWE
264
Advisory Published
Updated

CVE-2017-8230

First published: Wed Jul 03 2019(Updated: )

On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". However, as a part of security analysis it was identified that a low privileged user who belongs to the "user" group and who has access to login in to the web administrative interface of the device can add a new administrative user to the interface using HTTP APIs provided by the device and perform all the actions as an administrative user by using that account. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that many of the binaries in the /usr folder. The binary "sonia" is the one that has the vulnerable functions that performs the various action described in HTTP APIs. If one opens this binary in IDA-pro one will notice that this follows a ARM little endian format. The function at address 0x00429084 in IDA pro is the one that processes the HTTP API request for "addUser" action. If one traces the calls to this function, it can be clearly seen that the function sub_ 41F38C at address 0x0041F588 parses the call received from the browser and passes it to the "addUser" function without any authorization check.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Amcrest Ipm-721s Firmware<=2.420.ac00.16.r.20160909
Amcrest IPM-721S

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2017-8230?

    CVE-2017-8230 is a vulnerability found on Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices that allows a low privileged user in the "user" group to gain administrative access.

  • What is the severity of CVE-2017-8230?

    CVE-2017-8230 has a severity rating of 8.8 (high).

  • How does CVE-2017-8230 affect Amcrest IPM-721S devices?

    CVE-2017-8230 allows a low privileged user on Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices to escalate their privileges and gain administrative access.

  • Is there a fix available for CVE-2017-8230?

    At the moment, there is no official fix available for CVE-2017-8230. It is recommended to follow best practices in securing the device and restrict user access.

  • Where can I find more information about CVE-2017-8230?

    You can find more information about CVE-2017-8230 in the references provided: [Packet Storm Security](http://packetstormsecurity.com/files/153224/Amcrest-IPM-721S-Credential-Disclosure-Privilege-Escalation.html) and [GitHub](https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Amcrest_sec_issues.pdf).

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203