Subscriber Discussion
Hikvision Cameras Defaulting? [Upnp Facilitating Hacks]
Hi, We seem to have certain sites of ours with Hikvision cameras just resetting to factory defaults? Has anyone seen this themselves?
So far three sites this week? It’s only just started to happen. We upgraded the f/w and reset the admin password,reset the IP to what is required, but they drift back to factory default? VMS is Milestone
[IPVM Note: After this discussion and suggestions provided, integrator followed up:
Hi, Issue found - firmware level is lower than required to prevent these hacks as suggested. Also uPNP was on so they were in effect available on the internet.. We tested and proved remote access to the camera with no human entered port forwards
All locked down now.
]
Are the cameras accessible from internet?
Are the cameras reseting themselves one by one randomly or all at the same time?
If we assume Milestone doesn't have anything to do with it and that the cameras themselves are fine, I was wondering if someone else is doing that to them. Are there port forwards in place to access the cameras behind the router? Check if the firmware version in them is recent enough to have vulnerability updates for the simple hacks that have plagued these recently.
Is your system located on separate subnet?
Actually that got me thinking. I wonder if the cameras have UPNP enabled?
If they're accidentally exposed and should not be, disable UPnP from the router altogether. I'm not sure if Hiks ship with UPnP enabled, but it's very possible.
It depends on which line the cameras are. The Value/Value Plus models are enabled by default, while the Smart models are not.
what model are you using from hik?
if it is the DS-2CD23x5FWD-I model, we have had cases where the SD-slot was opened and the lit put back upside down. This caused the rubber to push on the reset button and creates what you are describing
Hi UD#5,
I just checked one of the model but the lit is asymmetrical, how can one put it back upside down without noticing it does not match? Even the screws of the lit aren't located in the medium points of both sides.
Also the rubber has a opening at the SD-slot. If upside down, wouldn't the opening on top of the reset button and not pushing it?
My model is DS-2CD2355FWD-I.
yes that's the one! The lit can only be re-applied in one way, but the rubber in the lit can be put back the wrong way. Let me get you a picture, hold on
I hope this clarifies it. The metal part can only be applied in one way, the rubber can be re-applied the wrong way
I haven't had Hikvision cameras to default but I continue to have a weird issue with 7 Hikvision cameras connected to an Exacq NVR. Whenever I enable time and date through the OSD of the Hikvision camera it keeps going away. This is an unusual setup where the cameras are recording to the NVR but also FTPing an image to a website every 2 minutes which is why I have time and date enabled on the camera itself.
Hi, Further update these are the models..
Hi, Issue found - firmware level is lower than required to prevent these hacks as suggested. Also uPNP was on so they were in effect available on the internet.. We tested and proved remote access to the camera with no human entered port forwards
All locked down now.
* red faced *
Newest Discussions
| Discussion | Posts | Latest |
|---|---|---|
|
Started by
Undisclosed Integrator #1
|
2
|
less than a minute by Brian Rhodes |
|
Started by
John Honovich
|
4
|
less than a minute by Chris Lanier |
|
Started by
Undisclosed End User #1
|
14
|
44 minutes by Luis Carmona |
|
Started by
Donald Maye
|
20
|
less than a minute by Jim Elder |
|
Started by
John Scanlan
|
13
|
less than a minute by Shannon Davis |
