Vulnerabilities in IP-cameras D-Link allows to intercept the video stream

Posted: April 30, 2013 in IT Security News
Tags: , ,

IP-cameras D-LinkThe experts found five vulnerabilities in at least 14 of D-Link products

Researchers at Core Security, dealing with security issues, reported multiple vulnerabilities in the IP-cameras by D-Link production, using which an attacker can intercept the video stream. The experts found five vulnerabilities at least 14 of products.

IP-cameras can record images and video, and their control is carried out through online-panel controls. Camera model DCS-5605/DCS-5635, in which discovered the vulnerability, is equipped with a motion detection feature, which has been widely used in financial and medical institutions, as well as in various offices.

Experts said Core Security, these vulnerabilities allow access to the video via real-time streaming protocol (RTSP). Vulnerabilities in the online-control panel can also allow malefactors to give any commands.

Core Security warned the company D-Link about detected vulnerabilities on March 29 of this year. Telecommunications equipment maker said it will release updates and issue recommendations for use on its support forum (D-Link Support Forum) and only a month will make an official statement about the vulnerabilities.

This decision did not satisfy Core Security. The company blamed the Security D-Link in the concealment of the problem, as the manufacturer has warned about the vulnerabilities, only a limited number of visitors to the forum, and this is unacceptable.

Link:

http://www.coresecurity.com/advisories/d-link-ip-cameras-multiple-vulnerabilities

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s