Monday, 28 September 2015

Backdoor Account In Popular IP Cameras Discovered

A researcher has discovered in potentially tens of thousands of IP cameras undocumented telnet port on the internet so there is a known default password can log on to the devices. The problem would play in inexpensive IP cameras from different manufacturers.

Which manufacturers will want Zoltan Balazs not disclose. Through a network scan, he managed to find the undocumented telnet port. Balazs let know, however, that other researchers have found the same problem before, only through an analysis of the firmware. The problem is that the password to login to the telnet port can not be changed via a graphical user interface.

This may be through the console, but the password change is not permanent. After a reboot the default password will be replaced. "I think it can be said that this is a backdoor," said Balazs. Through access to the password for the FTP server, SMTP server, and Wi-Fi network can be obtained. Also, it is possible to gain access to the normal administrator interface of the camera.

In most cases, the IP camera is protected by a firewall or NAT, so the telnet port is not accessible over the internet, says the researcher. "But there are always exceptions," he observes. Balazs says that users can create a script to change the password on reboot or telnet service completely off. "99% of people who think buys this IP cameras that they are safe," says the researcher. On Reddit sets a reader that up to 70,000 devices on the Internet have to do with the issue.

No comments:

Post a Comment