Medium severity5.9NVD Advisory· Published Sep 5, 2018· Updated Jun 17, 2026
CVE-2018-16546
CVE-2018-16546
Description
Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206.
Affected products
1- Range: = 2.420.AC01.3.R.20180206
Patches
Vulnerability mechanics
References
1- seclists.org/bugtraq/2018/Sep/6nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.