PT-2019-8612 · Amcrest · Amcrest IPM-721S
Published: 2019-07-03 · Updated: 2019-07-11 · CVE-2017-8230
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Amcrest IPM-721S version V2.420.AC00.16.R.20160909
Description
A security issue was identified in Amcrest IPM-721S devices: a low-privileged user belonging to the "user" group can add a new administrative user to the web administrative interface using HTTP APIs, and can then perform actions as an administrative user. The binary "sonia" contains the vulnerable functions that perform the various actions described in the HTTP APIs. The function at address 0x00429084 processes the HTTP API request for the "addUser" action. The function sub_41F38C, at address 0x0041F588, parses the call received from the browser and passes it to the "addUser" function without any authorization check.
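The missing check described above, as an added C example that is not code from the "sonia" binary or from this advisory: an action dispatcher that hands the parsed action straight to its handler, beside a form that authorizes against a per-action minimum group first. The groups, the route table, the "getInfo" action, the handlers and the session structure are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Illustrative model only: groups, action names and handlers are assumptions,
 * not code recovered from the "sonia" binary. */
enum group { GROUP_USER = 0, GROUP_ADMIN = 1 };
struct session { const char *name; enum group grp; };
typedef int (*handler_fn)(const struct session *s, const char *arg);
#define ERR_UNKNOWN   (-1)
#define ERR_FORBIDDEN (-2)

int accounts_created = 0;   /* the side effect the check must protect */
static int add_user(const struct session *s, const char *arg) { (void)s; (void)arg; accounts_created++; return 0; }
static int get_info(const struct session *s, const char *arg) { (void)s; (void)arg; return 0; }

/* Each action carries the minimum group allowed to call it. */
struct route { const char *action; enum group min_group; handler_fn fn; };
static const struct route routes[] = {
    { "addUser", GROUP_ADMIN, add_user },
    { "getInfo", GROUP_USER,  get_info },   /* constructed read-only action */
};
#define NROUTES (sizeof routes / sizeof routes[0])

/* Pattern the advisory describes: the parser passes the action to its handler unchecked. */
int dispatch_unchecked(const struct session *s, const char *action, const char *arg) {
    for (size_t i = 0; i < NROUTES; i++)
        if (strcmp(action, routes[i].action) == 0) return routes[i].fn(s, arg);
    return ERR_UNKNOWN;
}

/* Hardened form: authorize against the route table before the handler runs. */
int dispatch_checked(const struct session *s, const char *action, const char *arg) {
    if (!s || !action) return ERR_FORBIDDEN;            /* no session: deny */
    for (size_t i = 0; i < NROUTES; i++)
        if (strcmp(action, routes[i].action) == 0) {
            if (s->grp < routes[i].min_group) return ERR_FORBIDDEN;
            return routes[i].fn(s, arg);
        }
    return ERR_UNKNOWN;                                 /* unlisted action: deny */
}

/* Constructed sample sessions. */
const struct session low = { "viewer", GROUP_USER }, admin = { "admin", GROUP_ADMIN };

int main(void) {
    printf("unchecked=%d checked=%d\n", dispatch_unchecked(&low, "addUser", "x"),
           dispatch_checked(&low, "addUser", "x"));
    return 0;
}
```

Keeping the required group in the same table as the handler means a newly added action cannot be routed without someone choosing its privilege level.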
Recommendations
For Amcrest IPM-721S version V2.420.AC00.16.R.20160909, consider disabling the "addUser" function in the "sonia" binary until a patch is available to prevent low-privileged users from adding new administrative users. Restrict access to the HTTP API endpoints that allow user addition to minimize the risk of exploitation. Avoid using the "addUser" action in the HTTP API until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
Amcrest IPM-721S