1 min read

DVR Flaw Allows Attacker to Control Security Cameras

Loredana BOTEZATU

January 29, 2013

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
DVR Flaw Allows Attacker to Control Security Cameras

Security researchers revealed vulnerabilities in the digital video recorders of CCTV video cameras that would allow an attacker to seize control of the buggy devices to watch the recorded video streams, copy, delete or turn them on and off.

Apart from enabling illegal access to the security camera systems, the buggy devices also transform the machine into a jumping-off point of access to computers in a network, behind a company`s firewall, according to researchers with security firm Rapid7.

H.D. Moor, chief security officer with Rapid7, found some 58,000 unique IPs running a vulnerable DVR platform in 150 countries, of which the United States, India, and Italy took the lion`s share.

“In addition to Ray Sharp, the exposures seem to affect rebranded DVR products by Swann, Lorex, URMET, KGuard, Defender, DEAPA/DSP Cop, SVAT, Zmodo, BCS, Bolide, EyeForce, Atlantis, Protectron, Greatek, Soyo, Hi-View, Cosmos, and J2000,” Moore writes in his blog post.

The hacker by the name someLuser was the first to note on his blog his findings on a vulnerable Swann DVR when he saw that commands sent to the precise device via port 9000 were getting through without proper authentication.

The buggy DVRs were also visible on the Internet because of the Universal Plug and Play protocol that maps UPNP capable devices and exposes means of interaction over the web.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Common Credentials Criminals Use in IoT Dictionary Attacks Revealed Common Credentials Criminals Use in IoT Dictionary Attacks Revealed
Silviu STAHIE

November 30, 2021

3 min read
Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown
Filip TRUȚĂ

November 29, 2021

2 min read
Social media firms will be forced to unmask online trolls, says Australia Social media firms will be forced to unmask online trolls, says Australia
Graham CLULEY

November 29, 2021

2 min read