CVE-2019-3948 (dh-ipc-hx863x, dh-ipc-hx883x, dh-sd4xxxxx, dh-sd5xxxxx, dh-sd6xxxxx, ip2m-841b_firmware, ipc-hx4x3x, ipc-hx5x3x, ipc-xxbxx, nvr2xxx-4ks2, nvr4xxx-4ks2, nvr5xxx-4ks2)

The Amcrest IP2M-841B IP camera firmware version V2.520.AC00.18.R does not require authentication to access the HTTP endpoint /videotalk. An unauthenticated, remote person can connect to this endpoint and listen to the audio the camera is capturing.

View Full Alert