Hikvision Cameras Defaulting? [Upnp Facilitating Hacks]

Undisclosed Integrator #1

Hi, We seem to have certain sites of ours with Hikvision cameras just resetting to factory defaults? Has anyone seen this themselves?

So far three sites this week? It’s only just started to happen. We upgraded the f/w and reset the admin password,reset the IP to what is required, but they drift back to factory default? VMS is Milestone

[IPVM Note: After this discussion and suggestions provided, integrator followed up:

Hi, Issue found - firmware level is lower than required to prevent these hacks as suggested. Also uPNP was on so they were in effect available on the internet.. We tested and proved remote access to the camera with no human entered port forwards

All locked down now.

]

Login to read this IPVM discussion.

Why do I need to log in?

IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Undisclosed Integrator #2

10/17/17 02:24pm

**** ******** *** *** ******** **?

Undisclosed Integrator #1

In reply to Undisclosed Integrator #2 | 10/17/17 02:33pm

* ***’* **** *** ***** ******* * *** **** **** out, **** * ***** ** *** **** ** **** ** it “*** *** ******* *** *** *** *******” :)

Undisclosed Integrator #2

In reply to Undisclosed Integrator #1 | 10/17/17 02:54pm

******** **** ** *** ** ***** **.*.* *** ***** *** port ********** ***** *** *** ****** ** **** ****** ***** hacked *** *** ** ****** *******.

Undisclosed Distributor #5

In reply to Undisclosed Integrator #2 | 10/18/17 07:28am

**** *** ******* ** ** **** * ****, ****** ***** my **** *****. ******* ** *** ** ***** ** **** fw *******

Undisclosed Integrator #2

In reply to Undisclosed Distributor #5 | 10/18/17 07:52am

*** ****** ***:

** ******* *** ****** ****** *** ** ******* *** ******/*****. It *** **** ******** ** *** ***** ******* ** **** his ****.
**** * **** ** *******. ** *** ** ******* ** FW **** **** **.*.* *** **** **** **** ********** ***** for *** ****** ** ** ********** ** *** **** ****** exploit. ***** *** * ***** *** ********.

Jonathan de Chateau

In reply to Undisclosed Integrator #2 | 10/18/17 07:57am

******* ******* *** ** * *** *** ***** *** *** coming ****, ***** *****

Undisclosed #3

10/17/17 02:32pm

*** *** ******* ********** **** ********?

Undisclosed Integrator #1

In reply to Undisclosed #3 | 10/17/17 02:43pm

****** * ******, ********* ******.

Undisclosed #3

In reply to Undisclosed Integrator #1 | 10/17/17 02:54pm

*** *** ******* ******** ********** *** ** *** ******** ** all ** *** **** ****?

** ** ****** ********* *****'* **** ******** ** ** **** it *** **** *** ******* ********** *** ****, * *** wondering ** ******* **** ** ***** **** ** ****. *** there **** ******** ** ***** ** ****** *** ******* ****** the ******? ***** ** *** ******** ******* ** **** ** recent ****** ** **** ************* ******* *** *** ****** ***** that **** ******* ***** ********.

Undisclosed #4

In reply to Undisclosed Integrator #1 | 10/17/17 05:24pm

** **** ****** ******* ** ******** ******?

Undisclosed Integrator #1

In reply to Undisclosed Integrator #1 | 10/18/17 12:41am

******** **** *** ** ********. * ****** ** *** ******* have **** *******?

Undisclosed #3

In reply to Undisclosed Integrator #1 | 10/18/17 12:49am

** ****'** ************ ******* *** ****** *** **, ******* **** from *** ****** **********. *'* *** **** ** **** **** with **** *******, *** **'* **** ********.

John Scanlan

IPVM | IPVMU Certified | In reply to Undisclosed #3 | 10/18/17 07:12am

** ******* ** ***** **** *** ******* ***. ********/***** **** ****** *** ******* ** *******, ***** *** ***** models *** ***.

Undisclosed Distributor #5

10/18/17 05:22am

**** ***** *** *** ***** **** ***?

** ** ** *** **-**********-* *****, ** **** *** ***** where *** **-**** *** ****** *** *** *** *** **** upside ****. **** ****** *** ****** ** **** ** *** reset ****** *** ******* **** *** *** **********

Undisclosed Manufacturer #6

In reply to Undisclosed Distributor #5 | 10/18/17 06:22am

** **#*,

* **** ******* *** ** *** ***** *** *** *** is ************, *** *** *** *** ** **** ****** **** without ******** ** **** *** *****? **** *** ****** ** the *** ****'* ******* ** *** ****** ****** ** **** sides.

**** *** ****** *** * ******* ** *** **-****. ** upside ****, ******'* *** ******* ** *** ** *** ***** button *** *** ******* **?

** ***** ** **-**********-*.

Undisclosed Distributor #5

In reply to Undisclosed Manufacturer #6 | 10/18/17 06:45am

*** ****'* *** ***! *** *** *** **** ** **-******* in *** ***, *** *** ****** ** *** *** *** be *** **** *** ***** ***. *** ** *** *** a *******, **** **

Undisclosed Distributor #5

In reply to Undisclosed Manufacturer #6 | 10/18/17 06:48am

* **** **** ********* **. *** ***** **** *** **** be ******* ** *** ***, *** ****** *** ** **-******* the ***** ***

Undisclosed Manufacturer #6

In reply to Undisclosed Distributor #5 | 10/18/17 06:56am

** **** ***** * *** ** ***** ***. *** ** try ** ** ****** ** *** ** * *** ********* this *****.

Undisclosed Manufacturer #6

In reply to Undisclosed Distributor #5 | 10/18/17 07:39am

**** *** ***** ** **********.

******* * **** ** *** ******* ** **** ****** ***** they ******* *** ****** ** **** *** *** "******" ** the ****** *** ** *******, **** ***** *** ******* ** the ****** ** ********* ** **-**** *** ***** ******. **** are ******* ** * **** ******* ** *** *** ******* and **** *** ** *******. ********, *** ******** ** *** lit ** ****** ** *** **** **** *** ***.

** ********** **, *** ******* **** ***** *** ******* ***** design. * ***'* ***** *** *** ***** ********* **** *****.

Undisclosed Distributor #5

In reply to Undisclosed Manufacturer #6 | 10/18/17 07:56am

** ******** ******** * ******** ** *** ****** ** *****, also * ******** *****, *** ***** *** *** ***** *** rectified. **** ** ******!

Undisclosed Integrator #7

10/18/17 08:05am

* *****'* *** ********* ******* ** ******* *** * ******** to **** * ***** ***** **** * ********* ******* ********* to ** ***** ***. ******** * ****** **** *** **** through *** *** ** *** ********* ****** ** ***** ***** away. **** ** ** ******* ***** ***** *** ******* *** recording ** *** *** *** **** ****** ** ***** ** a ******* ***** * ******* ***** ** *** * **** time *** **** ******* ** *** ****** ******.

Undisclosed Integrator #1

10/18/17 09:58am

**, ******* ****** ***** *** *** ******..

Undisclosed Integrator #1

10/18/17 10:41am

**, ***** ***** - ******** ***** ** ***** **** ******** to ******* ***** ***** ** *********. **** **** *** ** so **** **** ** ****** ********* ** *** ********.. ** tested *** ****** ****** ****** ** *** ****** **** ** human ******* **** ********

*** ****** **** ***.

* *** ***** *

Discussion	Posts	Latest
Hikvision Play The Long Game (16) Started by Undisclosed Integrator #1	16	less than a minute by John Honovich
Why Are My Cameras Randomly Falling Offline? (51) Started by Undisclosed Integrator #1	51	less than a minute by Undisclosed Integrator #5
New How Far Out Are You Booked For Installations? (10) Started by Undisclosed Integrator #1	10	less than a minute by Undisclosed Integrator #3
Looking For Non Hikvision/Dahua Superzoom PTZ At A Similar Price Point (5) Started by Nicholas Lyle	5	less than a minute by Decoux Guilhem
New Recommendations: Camera That Can PTZ To GPS And Height Coordinates? (10) Started by Undisclosed Integrator #1	10	less than a minute by David Capousek

Discussion

Posts

Latest

Hikvision Play The Long Game (16)

Started by Undisclosed Integrator #1

less than a minute by John Honovich

Why Are My Cameras Randomly Falling Offline? (51)

Started by Undisclosed Integrator #1

less than a minute by Undisclosed Integrator #5

New

How Far Out Are You Booked For Installations? (10)

Started by Undisclosed Integrator #1