.. / CVE-2017-8229

Exploit for Amcrest IP Camera Web Management - Data Exposure (CVE-2017-8229)

Description:

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials.

Nuclei Template

View the template here CVE-2017-8229.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2017/CVE-2017-8229.yaml

References:

http://packetstormsecurity.com/files/153224/Amcrest-IPM-721S-Credential-Disclosure-Privilege-Escalation.html
https://nvd.nist.gov/vuln/detail/CVE-2017-8229
https://github.com/d4n-sec/d4n-sec.github.io
https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Amcrest_sec_issues.pdf
https://seclists.org/bugtraq/2019/Jun/8