PT-2019-8608 · Amcrest · Amcrest Ipm-721S
Ethanhunnt +1 · Published 2019-07-03 · Updated 2019-07-11 · CVE-2017-8226
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Amcrest IPM-721S version V2.420.AC00.16.R.20160909
Description
The Amcrest IPM-721S device has default credentials that are hardcoded in the firmware. These credentials can be extracted by reversing the firmware. The binary "sonia" contains the vulnerable function that sets up the default credentials on the device. The function sub_3DB2FC sets up the values at address 0x003DB5A6, and the function sub_5C057C then sets this value and adds it to the configuration file /mnt/mtd/Config/Account1.
Recommendations
For Amcrest IPM-721S version V2.420.AC00.16.R.20160909, consider changing the default credentials to prevent unauthorized access. As a temporary workaround, restrict access to the binary "sonia" to minimize the risk of exploitation. Avoid using the default credentials in the Configuration files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Using Hardcoded Credentials
Affected Products
Amcrest Ipm-721S