{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T11:54:54.268","vulnerabilities":[{"cve":{"id":"CVE-2020-5735","sourceIdentifier":"vulnreport@tenable.com","published":"2020-04-08T13:15:13.003","lastModified":"2025-10-31T22:11:22.050","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code."},{"lang":"es","value":"Las cámaras y NVR Amcrest , son vulnerables a un desbordamiento del búfer en la región stack de la memoria sobre el puerto 37777. Un atacante remoto autenticado puede abusar de este problema para bloquear el dispositivo y posiblemente ejecutar código arbitrario."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:C","baseScore":8.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":8.5,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2021-11-03","cisaActionDue":"2022-05-03","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"Amcrest Cameras and NVR Stack-based Buffer Overflow Vulnerability","weaknesses":[{"source":"vulnreport@tenable.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:1080-lite_8ch_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7C61F452-2A51-46FF-B1C7-34945F492A39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:1080-lite_8ch:-:*:*:*:*:*:*:*","matchCriteriaId":"B2D16F02-8C16-49B9-BE44-E2B276B7ADDF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:amdv10814-h5_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8405ED1F-4BEF-4C33-B4F8-4AD1158AA4AE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:amdv10814-h5:-:*:*:*:*:*:*:*","matchCriteriaId":"32E848D9-DA23-414C-AA10-433DC2EF5E92"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ipm-721_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.420.ac00.18.r.20200217","matchCriteriaId":"1FFD970B-1C63-4A0A-8E2A-1F827E40C01C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ipm-721:-:*:*:*:*:*:*:*","matchCriteriaId":"B5E5E186-BB77-4521-9899-5A3A67A3B605"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip2m-841_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.420.ac00.18.r.20200217","matchCriteriaId":"6A902EBE-0AEB-4B61-9642-5A5432C0717B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip2m-841:-:*:*:*:*:*:*:*","matchCriteriaId":"7FAE4629-638C-4E75-BBCD-6BBC78CEB209"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip2m-841-v3_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.800.0000000.6.r.200314","matchCriteriaId":"81ABAC27-E7F0-47AA-B230-F62D3732E5AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip2m-841-v3:-:*:*:*:*:*:*:*","matchCriteriaId":"F923CD3E-2D9B-4F90-A5CB-B1ACCE434796"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip2m-853ew_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.623.00ac004.0.r.200316","matchCriteriaId":"CF9698AB-1ADF-4920-966F-9D0FE4387FEB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip2m-853ew:-:*:*:*:*:*:*:*","matchCriteriaId":"9D58539B-B2B7-4591-9E62-7D975E1367A4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip2m-858w_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.623.00ac004.0.r.200316","matchCriteriaId":"8E9D4714-C59D-4EA2-83F7-6DCF0DF4D6C4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip2m-858w:-:*:*:*:*:*:*:*","matchCriteriaId":"FEB6D0A5-801D-4A24-A929-29E56946FB06"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip2m-866w_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.623.00ac004.0.r.200316","matchCriteriaId":"63C7AD48-C6E0-4795-BBCF-A94C29C6C750"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip2m-866w:-:*:*:*:*:*:*:*","matchCriteriaId":"FFB419C8-24DD-4675-B307-8BD1EABA4137"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip2m-866ew_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.623.00ac004.0.r.200316","matchCriteriaId":"A76D0DD5-EF2B-4C1E-8C55-7C4B901CB3C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip2m-866ew:-:*:*:*:*:*:*:*","matchCriteriaId":"1174F83A-9E21-4E58-9401-BBECE7DA120A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip4m-1053ew_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.623.00ac004.0.r.200316","matchCriteriaId":"03AC3809-D4F7-4389-81D1-B0974607E399"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip4m-1053ew:-:*:*:*:*:*:*:*","matchCriteriaId":"0D253678-7AE4-44E9-AC36-767E19095606"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip8m-2454ew_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.622.00ac000.0.r.200320","matchCriteriaId":"3CC4801F-97BE-4C54-9446-DC334720B80E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip8m-2454ew:-:*:*:*:*:*:*:*","matchCriteriaId":"6F78A7E0-4AB1-4368-AD5C-F1BFCACAA24F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip8m-2493eb_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.622.00ac000.0.r.200320","matchCriteriaId":"1D702C27-7E71-4BBC-A87B-F8E332A47BB4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip8m-2493eb:-:*:*:*:*:*:*:*","matchCriteriaId":"758995EB-21E0-4DD1-BC5E-AB4ED77DF2EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip8m-2496eb_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.622.00ac000.0.r.200320","matchCriteriaId":"90210F99-5625-4E70-9EEB-747B7B698CA7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip8m-2496eb:-:*:*:*:*:*:*:*","matchCriteriaId":"16FC4DDB-806B-45C7-A8DB-12ACF6A49FA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip8m-2597e_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.800.00ac000.0.r.200330","matchCriteriaId":"B5E9C32A-0925-4C9C-AB8E-8AC0B7179AE1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip8m-2597e:-:*:*:*:*:*:*:*","matchCriteriaId":"24A50ACA-1C8E-4519-AAFC-CF23953423F8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip8m-mb2546ew_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.622.00ac000.0.r.200320","matchCriteriaId":"DEE8B1B3-FFA7-4229-864C-7965FCE10D2D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip8m-mb2546ew:-:*:*:*:*:*:*:*","matchCriteriaId":"6BDADA94-DADA-4B7E-9351-FE942FE431B1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip8m-mt2544ew_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.622.00ac000.0.r.200320","matchCriteriaId":"970C91C0-0AEC-4716-A281-1EF3DF11E203"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip8m-mt2544ew:-:*:*:*:*:*:*:*","matchCriteriaId":"E26CDFAC-37C3-48EA-95B8-9FBDF1B2922A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ip8m-t2499ew_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.622.00ac000.0.r.200320","matchCriteriaId":"E2B6B969-4F59-4C67-8AF3-9282E3AAE2C4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ip8m-t2499ew:-:*:*:*:*:*:*:*","matchCriteriaId":"C033CF24-B639-47C0-8BEA-5BAB33D16ACF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amcrest:ipm-hx1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v2.420.ac00.18.r.20200217","matchCriteriaId":"342225EB-DE54-436E-9589-42593B9179E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amcrest:ipm-hx1:-:*:*:*:*:*:*:*","matchCriteriaId":"0D32B1CE-209B-4BCF-A159-0979EB61E766"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/157164/Amcrest-Dahua-NVR-Camera-IP2M-841-Denial-Of-Service.html","source":"vulnreport@tenable.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.tenable.com/security/research/tra-2020-20","source":"vulnreport@tenable.com","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/157164/Amcrest-Dahua-NVR-Camera-IP2M-841-Denial-Of-Service.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.tenable.com/security/research/tra-2020-20","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5735","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}