2 min read

NEO Coolcams Are Not Too Cool, They Buffer Overflow

Ionut ILASCU

August 02, 2017

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
NEO Coolcams Are Not Too Cool, They Buffer Overflow

The code humming inside the shiny cases of most IoT devices does not pass through proper quality assurance testing and has been found numerous times to be unsafe from a security standpoint. This has been confirmed recently by Bitdefender researchers at the Defcon hacker conference in Las Vegas.

Alex Balan, Chief Security Researcher and Spokesperson for Bitdefender, exposed vulnerabilities in the iDoorbell and NIP-22 internet-connected cameras from Chinese manufacturer Shenzen Neo Electronics. One of the flaws is the presence of backdoor accounts that allow watching the camera’s live stream by logging in with easy-to-guess credentials. Balan said that an attacker that found these camera models online could input “guest” or “user” for both username and password to access the video stream.

Another security bug discovered by Bitdefender is a buffer overflow in the web server of the camera, which requires only four lines of code to exploit. The same glitch has been found in the RTSP (Real Time Streaming Protocol) server. A research paper is available from Bitdefender, detailing the steps leading to remote code execution and potential hijacking of the camera.

Taking advantage of these flaws requires some effort from the attacker, but it would not be difficult to find the weak spot, and the reward at the end would be well worth the work. At the time of writing, a cursory search on Shodan, a search engine for internet-connected things, reveals more than 120,000 devices that are potentially vulnerable to the exploits presented by Balan at Defcon.

The gadgets are available online because they use the UPnP (Universal Plug and Play) protocol to make their ports accessible over the Internet by setting up rules automatically on the router or modem. The device tells the local router to open a communication path with the outside network, and the Internet gateway obliges. Many routers, including those provided by Internet Service Providers, are delivered with the UPnP service enabled.

Balan says that the firmware in iDoorbell and NIP-22 is powering smart things from other companies, which means that other products could suffer from the same vulnerabilities. Right now, a revised version of the code is impossible to reach the affected devices because there is no update mechanism in place, the researcher says. As such, all cameras running the firmware analyzed by Bitdefender are at risk of being hijacked.

Balan predicts that in the future botnets will no longer rely on armies of IoT devices secured with default or weak credentials, but on gadgets exploitable at the application level, through buffer overflows or command injection. Spotting such problems would require the maker to dedicate more resources for security tests before sending the code to production.

Bitdefender tried to establish contact with Neo Electronics to report the vulnerabilities in the two devices, but the manufacturer did not return an answer.

Image credit:  Shenzhen Neo Electronics

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Meta Pays Out Bounties for Account Takeover and Two-Factor Authentication Bypass Exploits Meta Pays Out Bounties for Account Takeover and Two-Factor Authentication Bypass Exploits
Silviu STAHIE

January 31, 2023

1 min read
Hackers steal 10 million customer details from JD Sports Hackers steal 10 million customer details from JD Sports
Graham CLULEY

January 30, 2023

2 min read
North Korean Hackers Tried to Launder $100 Million in Crypto Stolen in 2022 North Korean Hackers Tried to Launder $100 Million in Crypto Stolen in 2022
Silviu STAHIE

January 25, 2023

1 min read