Researchers warn customers to reconsider the use of the camera’s remote access feature if the device is monitoring highly sensitive areas of their household or company.
D-Link has only partially patched critical flaws affecting its consumer WiFi camera, which allow hackers to intercept and view recorded video. They also allow attackers to manipulate the device’s firmware, according to security researchers. The camera in question is D-Link’s DCS-2132L cloud camera, popular with consumers and sold at big-box retailers and online.
The most serious of the vulnerabilities is one that creates conditions that are optimum for a man-in-the-middle (MitM) attack, according to ESET researchers who discovered the bugs late last year. The problem is tied to the lack of encryption in the transmission of the video stream between the camera and D-Link’s cloud service, and also from the cloud to the user’s client-side viewing app, researchers explained,
in a Thursday report outlining the flaw..
“The viewer app and the camera communicate via a proxy server on port 2048, using a TCP tunnel based on a custom D-Link tunneling protocol,” wrote ESET researchers Milan Fránik and Miloš Čermák. “Unfortunately, only part of the traffic running through these tunnels is encrypted, leaving some of the most sensitive contents – such as the requests for camera IP and MAC addresses, version information, video and audio streams, and extensive camera info – without encryption.”
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}