TheUberOverLord
Posted October 13, 2012

Vulnerability Note VU#265532: http://www.kb.cert.org/vuls/id/265532

Overview

The web interface firmware for Foscam and Wansview H.264 Hi3510/11/12 IP cameras contains an authentication bypass vulnerability. Other vendors that share the same base firmware image are also vulnerable.

Description

It has been reported that the web interface for IP cameras from several vendors including Foscam and Wansview contains an authentication bypass vulnerability. By visiting specific URLs, an attacker may be able to perform any function a normal user can. The admin password is also leaked through client-side JavaScript.

Impact

A remote unauthenticated attacker may be able to execute any command available to the web interface including full administrative functions.

Solution

We are currently unaware of a practical solution to this problem. Please consider the following workaround.

---------------------------------------------------------------------------------------------------

I have created a test tool to help determine if your H.264 camera brand and model are currently exposed to this, since there are many brands and models that are.

http://foscam.us/forum/h264-ip-camera-web-interface-authentication-bypass-test-tool-t3252.html

Note: I reported this issue. This is why I took the time to create a tool to test for it being present. There may be firmware released to fix this problem, if your camera is found to have it. New firmware is required to fix this issue.

Don

Korgoth Of Barbaria
Posted October 14, 2012

Foscam =/= ip camera, it is a toy. And this is what you get, when you are buying toys for security.

TheUberOverLord
Posted October 14, 2012

> Foscam =/= ip camera, it is a toy. And this is what you get, when you are buying toys for security.

IMHO, vulnerabilities are not based on price points. If they were, using your standard, virtually every Operating System was and still is a toy.

Don