ZOverLord
Premium
join:2003-10-20
Minneapolis, MN

Multi-vendor IP camera web interface authentication bypass

Vulnerability Note VU#265532: »www.kb.cert.org/vuls/id/265532

Overview

The web interface firmware for Foscam and Wansview H.264 Hi3510/11/12 IP cameras contains an authentication bypass vulnerability. Other vendors that share the same base firmware image are also vulnerable.

Description

It has been reported that the web interface for IP cameras from several vendors including Foscam and Wansview contains an authentication bypass vulnerability. By visiting specific URLs, an attacker may be able to perform any function a normal user can. The admin password is also leaked through client-side JavaScript.

Impact

A remote unauthenticated attacker may be able to execute any command available to the web interface including full administrative functions.

Solution

We are currently unaware of a practical solution to this problem. Please consider the following workaround.

----------------------------------------------------------------------------------

I have created a test tool to help determine if your H.264 camera brand and model are currently exposed to this, since there are many brands and models that are.

»foscam.us/forum/h264-ip-camera-w···252.html

Note: I reported this issue.

This is why I took the time to create a tool to test for it being present. There may be firmware released to fix this problem, if your camera is found to have it. New firmware is required to fix this issue.

Don
--
The Best Phone Services and 3rd Party Applications With The Highest Quality Worldwide »SaveOnTelephoneBills.com