PT-2024-17847 · Amcrest · Amcrest Ipc-Ip3M-Hx2B+4
Netsecfish
·
Published
2024-12-27
·
Updated
2024-12-27
·
CVE-2024-12984
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Amcrest IP2M-841B versions up to 20241211
Amcrest IP2M-841W versions up to 20241211
Amcrest IPC-IP2M-841B versions up to 20241211
Amcrest IPC-IP3M-943B versions up to 20241211
Amcrest IPC-IP3M-943S versions up to 20241211
Amcrest IPC-IP3M-HX2B versions up to 20241211
Amcrest IPC-IPM-721S versions up to 20241211
Description
A problematic vulnerability has been found, affecting an unknown part of the file /web caps/webCapsConfig of the component Web Interface. This leads to information disclosure and can be initiated remotely. The exploit has been disclosed to the public and may be used.
Recommendations
For Amcrest IP2M-841B version up to 20241211, update to a version later than 20241211.
For Amcrest IP2M-841W version up to 20241211, update to a version later than 20241211.
For Amcrest IPC-IP2M-841B version up to 20241211, update to a version later than 20241211.
For Amcrest IPC-IP3M-943B version up to 20241211, update to a version later than 20241211.
For Amcrest IPC-IP3M-943S version up to 20241211, update to a version later than 20241211.
For Amcrest IPC-IP3M-HX2B version up to 20241211, update to a version later than 20241211.
For Amcrest IPC-IPM-721S version up to 20241211, update to a version later than 20241211.
Exploit
Fix
Improper Access Control
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Amcrest Ip2M-841B
Amcrest Ipc-Ip2M-841B
Amcrest Ipc-Ip3M-943B
Amcrest Ipc-Ip3M-Hx2B
Amcrest Ipc-Ipm-721S