The experts found five vulnerabilities in at least 14 of D-Link products
Researchers at Core Security, dealing with security issues, reported multiple vulnerabilities in the IP-cameras by D-Link production, using which an attacker can intercept the video stream. The experts found five vulnerabilities at least 14 of products.
IP-cameras can record images and video, and their control is carried out through online-panel controls. Camera model DCS-5605/DCS-5635, in which discovered the vulnerability, is equipped with a motion detection feature, which has been widely used in financial and medical institutions, as well as in various offices.
Experts said Core Security, these vulnerabilities allow access to the video via real-time streaming protocol (RTSP). Vulnerabilities in the online-control panel can also allow malefactors to give any commands.
Core Security warned the company D-Link about detected vulnerabilities on March 29 of this year. Telecommunications equipment maker said it will release updates and issue recommendations for use on its support forum (D-Link Support Forum) and only a month will make an official statement about the vulnerabilities.
This decision did not satisfy Core Security. The company blamed the Security D-Link in the concealment of the problem, as the manufacturer has warned about the vulnerabilities, only a limited number of visitors to the forum, and this is unacceptable.