← back
CVE-2020-5735

CVE-2020-5735

CVSS 8.8 HIGHEPSS 35.6%● KEVCWE-121
In short

Amcrest cameras and NVRs contain a stack-based buffer overflow vulnerability on port 37777 that allows an authenticated attacker to crash the device or potentially run malicious code. This is critical because it can lead to complete device compromise or denial of service.

Technical detail

A stack-based buffer overflow exists in Amcrest camera and NVR services listening on port 37777. An authenticated remote attacker can send a specially crafted payload to overflow the stack, potentially achieving arbitrary code execution or causing a denial of service. The vulnerability requires prior authentication but enables full system compromise.

Summary generated and translated by AI from the official description.
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · Amcrest
public PoCs found2
cve_referencepacketstormsecurity.com/files/157164/Amcrest-Dahua-NVR-Camera-IP2M-841-Denial-Of-Service.htmlunverifiedexploitdbwww.exploit-db.com/exploits/48304unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/157164/Amcrest-Dahua-NVR-Camera-IP2M-841-Denial-Of-Service.htmlhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5735https://www.tenable.com/security/research/tra-2020-20