- Feb 4, 2016
Two consumer-grade IP-enabled security cameras manufactured by Loftek and VStarcam are riddled with nearly two dozen vulnerabilities that expose them to remote attacks. According to researchers, more than 1.3 million of the cameras are in use today, with 200,000 of them located in the United States.
Researchers said red flags popped up immediately when testing the Loftek and VStarcam cameras, both manufactured in China.
“As our initial scans came to an end, we reached the conclusion that if your (Loftek and VStarcam) camera is connected, you’re definitely at risk. It’s as simple as that,” Checkmarx researchers wrote.
Obvious vulnerabilities included hardcoded credentials, an inability to update the firmware, lack of support for HTTPS and an undocumented Telnet port in the VStarcam camera.
Lack of HTTPS support is bad enough, said Amit Ashbel, cyber-security evangelist at Checkmarx. He said that vulnerability alone allowed an attacker to send a clear text GET request to the camera containing a variety of different commands to gain a foothold on the device.
Both cameras were also vulnerable to a raft of problems including cross-site request forgery vulnerabilities, stored cross-site scripting flaws, server-side request forgery and HTTP response splitting bugs. In total, 21 exploits were tested and confirmed.
Despite 1.3 million devices still being in use, neither camera is sold any longer. However, further scans of the internet using the Shodan search engine turned up additional camera models that use the same vulnerable firmware: Foscam, Advance, Wanscan, Apexis, Visioncam, Eshine and EyeSight.
“There may be a scenario where an attacker could use either of the cameras’ settings to send spam emails or flood the victim’s inbox. With a simple script, an attacker could launch such an attack with little-to-no effort,” the report stated.
“The cameras are vulnerable by default, and—especially the Loftek 2200—which could be used as a backdoor to your network. It is clearly worth spending a bit more money on a more secure camera,” Ashbel said.