Overview :
An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. The login page responds with JavaScript when one tries to authenticate.
Affected Product(s) :
  • Amcrest Web Server 2.520.AC00.18.R
Vulnerability Details :
CVE ID : CVE-2020-7222
An attacker who changes the result parameter (to true) in this JavaScript code can bypass authentication and achieve limited privileges (ability to see every option but not modify them).

Solution :

Update to Latest firmware version according to the vendor specifications