DVR Flaw Allows Attacker to Control Security Cameras
Security researchers revealed vulnerabilities in the digital video recorders of CCTV video cameras that would allow an attacker to seize control of the buggy devices to watch the recorded video streams, copy, delete or turn them on and off.
Apart from enabling illegal access to the security camera systems, the buggy devices also transform the machine into a jumping-off point of access to computers in a network, behind a company`s firewall, according to researchers with security firm Rapid7.
“In addition to Ray Sharp, the exposures seem to affect rebranded DVR products by Swann, Lorex, URMET, KGuard, Defender, DEAPA/DSP Cop, SVAT, Zmodo, BCS, Bolide, EyeForce, Atlantis, Protectron, Greatek, Soyo, Hi-View, Cosmos, and J2000,” Moore writes in his blog post.
The hacker by the name someLuser was the first to note on his blog his findings on a vulnerable Swann DVR when he saw that commands sent to the precise device via port 9000 were getting through without proper authentication.
The buggy DVRs were also visible on the Internet because of the Universal Plug and Play protocol that maps UPNP capable devices and exposes means of interaction over the web.
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021