Subscriber Discussion

Hikvision Cameras Defaulting? [UPnP Facilitating Hacks]

Hi, we seem to have certain sites of ours with Hikvision cameras just resetting to factory defaults. Has anyone seen this themselves?

So far three sites this week. It’s only just started to happen. We upgraded the f/w and reset the admin password, reset the IP to what is required, but they drift back to factory default. VMS is Milestone.

[IPVM Note: After this discussion and suggestions provided, integrator followed up:

Hi, issue found - firmware level is lower than required to prevent these hacks, as suggested. Also UPnP was on, so they were in effect available on the internet. We tested and proved remote access to the camera with no human-entered port forwards.

All locked down now.

]


What Firmware are you updating to?


I don’t have the exact version; I can find that out. When I spoke to our tech he told me it “was the latest off the Hik website” :)


Anything that is not at least V5.4.5 and still has port forwarding set up for the camera is most likely being hacked and set to factory default.


This has nothing to do with a hack; please check my post below. Hacking is not an issue on this FW version.


Two things UD5:

  1. My comment was posted before any FW Version was stated/given. It was just inferred he was using updated FW from his tech. 
  2. What I said is factual. If UI1 is running on FW less than V5.4.5 and they have port forwarding set up for the camera, it is vulnerable to the most recent exploit. Hence why I asked the question.

 


Without knowing the FW I can see where you are coming from; makes sense.


Are the cameras accessible from the internet?


Behind a router, the customer's router.


Are the cameras resetting themselves one by one randomly or all at the same time?

If we assume Milestone doesn't have anything to do with it and that the cameras themselves are fine, I was wondering if someone else is doing that to them. Are there port forwards in place to access the cameras behind the router? Check if the firmware version in them is recent enough to have vulnerability updates for the simple hacks that have plagued these recently.


Is your system located on a separate subnet?


Actually that got me thinking. I wonder if the cameras have UPnP enabled?


If they're accidentally exposed and should not be, disable UPnP from the router altogether. I'm not sure if Hiks ship with UPnP enabled, but it's very possible.


What model are you using from Hik?

If it is the DS-2CD23x5FWD-I model, we have had cases where the SD slot was opened and the lid put back upside down. This caused the rubber to push on the reset button and creates what you are describing.


Hi UD#5,

I just checked one of the models but the lid is asymmetrical; how can one put it back upside down without noticing it does not match? Even the screws of the lid aren't located in the medium points of both sides.

Also the rubber has an opening at the SD slot. If upside down, wouldn't the opening be on top of the reset button and not pushing it?

My model is DS-2CD2355FWD-I.


Yes, that's the one! The lid can only be re-applied in one way, but the rubber in the lid can be put back the wrong way. Let me get you a picture, hold on.


 

I hope this clarifies it. The metal part can only be applied in one way; the rubber can be re-applied the wrong way.


Ah that makes a lot of sense now. Let me try on my camera to see if I can reproduce this issue.


Yeah the issue is reproduced.

However, I took an OEM version of this camera and it seems they changed the design of this: the "tongue" of the rubber pad is removed, and there are also changes in the design of the placement of the SD slot and reset button. They are aligned in a slim opening in the OEM version and CVBS out is removed. Moreover, the location of the lid is closer to the lens than on the Hik.

My assumption is, Hik noticed this issue and changed their design. I don't think the OEM would customize such a thing.


We recently received a shipment of 500 pieces in black, also a specific order, and there too the issue was rectified. Glad it helped!


I haven't had Hikvision cameras to default but I continue to have a weird issue with 7 Hikvision cameras connected to an Exacq NVR. Whenever I enable time and date through the OSD of the Hikvision camera it keeps going away. This is an unusual setup where the cameras are recording to the NVR but also FTPing an image to a website every 2 minutes which is why I have time and date enabled on the camera itself. 


Hi, further update: these are the models.

 


Hi, issue found - firmware level is lower than required to prevent these hacks, as suggested. Also UPnP was on, so they were in effect available on the internet. We tested and proved remote access to the camera with no human-entered port forwards.

All locked down now.

 

* red faced *

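An added example, not part of the thread or any poster's own tooling: a triage pass over a camera inventory using the two conditions the discussion settled on (firmware below V5.4.5, and reachability through UPnP or a port forward). The inventory format, field names, severity labels and sample records are assumptions made for illustration.

```python
import re

MIN_FIXED = (5, 4, 5)  # cut-off quoted in the thread: "at least V5.4.5"

def parse_fw(text):
    """'V5.4.5 build 170123' -> (5, 4, 5); None when no version is found."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text or "")
    return tuple(int(g) for g in m.groups()) if m else None

def triage(cam):
    """Classify one inventory record; unknown values count as the bad case."""
    reasons = []
    fw = parse_fw(cam.get("firmware"))
    # Compare as integer tuples: as strings, "V5.10.0" sorts below "V5.4.5".
    old = fw is None or fw < MIN_FIXED
    if old:
        reasons.append("firmware unknown or below V5.4.5")
    # UPnP lets the router open ports with no human-entered forward, so a
    # missing answer is treated as "on" (assumption made for this example).
    upnp = cam.get("upnp_enabled") is not False
    forwards = cam.get("port_forwards") or []
    if upnp:
        reasons.append("UPnP on or not verified")
    if forwards:
        reasons.append("manual port forwards: %s" % forwards)
    exposed = upnp or bool(forwards)
    if old and exposed:
        return "critical", reasons
    if exposed:
        return "exposed", reasons
    return ("upgrade" if old else "ok"), reasons

# Constructed inventory (hypothetical names, versions and build strings).
INVENTORY = [
    {"name": "site-a", "firmware": "V5.4.0 build 160530", "upnp_enabled": True},
    {"name": "site-b", "firmware": "V5.4.5 build 170123", "upnp_enabled": True},
    {"name": "site-c", "firmware": "V5.3.9", "upnp_enabled": False},
    {"name": "site-d", "firmware": "V5.10.0", "upnp_enabled": False},
    {"name": "site-e", "firmware": None, "port_forwards": [8000]},
]

def audit(inventory):
    """Map each camera name to its severity."""
    return {cam["name"]: triage(cam)[0] for cam in inventory}

if __name__ == "__main__":
    for cam in INVENTORY:
        sev, why = triage(cam)
        print(f"{cam['name']:8} {sev:9} {'; '.join(why)}")
```

The "site-a" record mirrors the case reported in the thread: old firmware, UPnP on, and no manually entered port forwards.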