Multi-vendor IP camera web interface authentication bypass Vulnerability
Last Update Date:
16 Oct 2012 10:05
Release Date:
16 Oct 2012
5597
Views
RISK: Medium Risk
TYPE: Attacks - Other
A vulnerability has been identified in web interface for IP cameras from several vendors including Foscam and Wansview, which can be exploited by malicious people to cause an authentication bypass. By visiting specific URLs, an attacker may be able to perform any function a normal user can. The admin password is also leaked through client side Javascript.
Impact
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Foscam
- Wansview
- apexis
- Easyn
- EasySe
- Hiwire
Solutions
- No Patch Available
- Appropriate firewall rules should be put in place so only trusted users can access the web interface.
Vulnerability Identifier
Source
Related Link
Share with