Claimed Security Vulnerability in Axis, Aimetis and Milestone VMSes
Author: John Honovich, Published on Nov 09, 2015Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.
Related Reports on VMS
VMS UI - Light vs Dark Preferences
on Jun 16, 2017
Several VMS manufacturers have the ability to choose a user interface with either a light or dark color theme. 150+ integrators told us which they...
Axis 20MP Q1659 Camera Tested
on Jun 13, 2017
Axis has joined the super high resolution camera trend with their Q1659, a 20MP model equipped with Canon's APS-C sensor.
We tested the Q1659...
Milestone New "+" Claims To "Conquer The Mid-Market"
on Jun 07, 2017
Milestone has declared they are going to "Conquer The Mid-Market" with new "+" releases.
Will they?
In this report, we examine Milestone's "+"...
Manufacturer Revenue Directory
on Jun 05, 2017
This report contains data on the revenue of 32 security manufacturers, trend analysis of whether they are gaining or losing ground and commentary...
Most Disrespected Manufacturer Competitors
on Jun 01, 2017
Manufacturers told IPVM what competitor they most disrespected.
There was one overwhelming selection that manufacturers felt was harming the...
Most Respected Manufacturer Competitors
on May 25, 2017
Manufacturers told IPVM what competitor they most respected.
In terms of total revenue, Hikvision, Dahua and Axis are certainly tops but would...
IP Camera - 15 Year Shootout
on May 22, 2017
How far have IP cameras come?
We bought and tested 4 cameras across the past 15 years to understand how much and where performance has...
Hanwha 9MP Fisheye Camera Tested (PNF-9010R)
on May 09, 2017
12MP sensor fisheye panoramic cameras are becoming increasingly common.
We have tested Hikvision's DS-2CD63C2F as well as Panasonic's SFV481 4K...
Avigilon Discontinuing Rialto Analytics Line
on Apr 27, 2017
Avigilon is informing dealers/partners that the legacy VideoIQ Rialto products have been discontinued, recommending the newer ACC ES Analytics...
Eagle Eye Exec On Mountain Of Servers - VSaaS Growth Analysis
on Apr 25, 2017
Eagle Eye VP of Operations, Hans Kahler, posted a picture of himself sitting on top of a shipment of new servers, as a testament to the companies...
Most Recent Industry Reports
Importance of Sales To Integrators - Statistics
on Jun 23, 2017
One of the top trends in the industry over the past few years has been the rise of across-the-board sales (e.g.: Hikvision Sales, Dahua Sale,...
Deep Learning Surveillance Startups Deep Problem
on Jun 23, 2017
The undeniably good news for the video surveillance market is that we are seeing the rise of more startups than in many years.
The cause of this...
Avigilon Announces RADAR-Based Presence Detector
on Jun 22, 2017
RADAR is gaining momentum within physical security. Two months after Axis announced a network radar detector, Avigilon has announced a RADAR-Based...
Covert Cloud Camera Service Launching (KJB)
on Jun 22, 2017
Cloud IP cameras, for consumers, has become increasingly commonplace.
However, covert cameras, lag there, with few options.
Now, North America's...
Manufacturers Shipping Unlicensed H.265 Products
on Jun 22, 2017
While H.265 support in video surveillance is growing, IPVM's research shows that most surveillance manufacturers are shipping H.265 products with...
Uniview Low-Cost Bullet PTZ Tested
on Jun 21, 2017
Uniview is offering a HD zoom bullet camera, the IPC742SR9-PZ30-32G, with an integrated pan / tilt positioner, for the price of a low-cost...
QSR Video Surveillance Best Practices
on Jun 21, 2017
Fast food restaurants or QSRs (quick service restaurants), are frequent victims of crime and fraud. Because they are open late, deal with cash, and...
45 Drives 'Lowest Cost' Enterprise Storage Company Profile
on Jun 21, 2017
45 Drives claims the "lowest cost per Hard Drive Slot in the industry." But who or what is '45 Drives'?
What started as a product design to...
No Hack, Still Liable, Court Finds ADT
on Jun 20, 2017
Recently, ADT has been in the news for a $16 million settlement for a cyber security vulnerability class action suit.
One of the most important...
Resolver / PPM 2000 Incident Management Platform Profile
on Jun 20, 2017
You might have seen the company whose employees wear hockey jerseys at trade shows and wondered "what do they do?"
PPM 2000 has been active in...
The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.
Comments (18)
Undisclosed Integrator #1
***** **** ** ******, *** *******'* ** ********* ** ** such * *** *** ****'* ***** * *** **** *** internet, * **** ********** ** **** *** ******** ***.
Create New Topic
Undisclosed Manufacturer #3
**** ******* ***** *** ** ******* ****** **************, ** ******* to ******** ******/***** ** **** ** *********. * ***** *** trick, ** **** *** *** ***** ** **** * ******* to ******* *** ** ****** **************, *** ** **** *** connectin ********* - ** ** ******'* **** **** **** ** basic **************.
***** ***.** *** ** ********* *** ******* * *********** *** the ****** ** ***** ** ** ** *** ******* *** then *** ** ***** **. **** ***** **** ****** * 3rd ***** ***'* ******** **** *** ************...
Create New Topic
Justin Schorn
*’* *** ******* ******* *** ******* ******** ***.
***** *** ******** ************* ********* ** ********* * ******* ***** and ******** ****** ** *** *** ** ***** *** *** and ******* *** *********, *******’ ****** ****** **** (**-**), ******** last ****, ********* **** *****. ******* **-** *** *** ************ Release ***** *** ********* **** ************** *** ** *** ************ *** *********. **** **** ****** prevents ********* ******* ********* ***** ** *********** *** **** ************** downgrade.
******* ***** *** ********* ******** ****** ********* *** ***** **** these ******* ** * ********* *** *********** ******. ** ******** to ********* **** ******** *****, ******* ************** ************ *** ******* **** ******* ************ *** ***** ********** ***** with ********* ******* *******. ** **** *********** ****** *** ******* certified ************ *** ********* ******** ***** *** ******** ******** ********** of *** ****** *** **** *** **.
Create New Topic
Undisclosed #2
**** ** * **** *********** *** ***** ********* *.* ** shine **** *********!
*** ****** ** ******** *****?
Create New Topic
John Honovich
******* ******** * ********* **** ******** ******* ** **** *****:
**** ******* ******** *** ** ********** ***** ************** *** *** HTTP *** **** ********* ** ******* ******* ********** ******** (***) spoofing ******* ******* *** ******** *** * ******.
**** ******* ******** *** ** ********** ***** ************** **** ** HTTPS ********** **** ** ***** **** *** * ******.
Create New Topic
Ryan Twitchell
**** ** **** ********* ** ***** ***** ** *******:*****://***.**********.***/****/***-**-***-******-***-***-********-*********-******
* ******** **** **** *** *****'* ******** *** ***** ************** as * *** ** ******* **** *** *****.
**;**: ** *** **** ** ********* ********** (********* *****) ** otherwise *** ******* ************ ** **** **** *******, ***** ************** can ** * **** *****. ** *** *** ***** **** HTTP *** *** ******* **** ******* ******* *********, **** ****** authentication***** *** *** ** **.
**** ** ** *** ** **** ****** ******** ** ********* (and ***** ** ****** ** ********* * ****** **** ******) and *** *** ** ********** ** *** ********:
****** ************** *** * ***** *******. *** ** *** ****** authentication *****, ** ********* ******** *** ****** ** ***** **** password ** **** ** ***** ** ************ ***. ***** **************, however, ****** *** ****** ** **** **** * **** (* "fingerprint") ** *** ********. ******* **** *** **** ***** ** more ********* *** ****** ********* *** ****** (** ******) ** discover **** ********. *** ******* **** ***** *** ***** ******** (like *** **** ****** **** ** ****) **** **** **** available ** ****** *** ***** ****** ** *** ******. ***** passwords *** ****** * ***, **** **** ** ****** *** have * ****** ******.
***, ***** **** ***** **** ******** **** *** ****. *** kind ** ********** *** ******* ********* ***********, *** ************ **** HTTPS *** *** *** ******** ** ******* **** *********** **** used ********, *** **** **** ** ** **** **** ***** vulnerabilities.
* ****** **** ** ****** ********** ********* ** ******* **** right *** (** *** ********), *** ****** ********** ****** ** able ** ******* **** **** * ****** ********.
Create New Topic
Ryan Twitchell
* *** ******* ***** ** **** *** ********, *** * quick **** ** *** *** ***** **** *** *** ******* for **** *****. ** **** ** ******* ********** *** *** to ***** ******* ****** ************** **** ** ***** ********* **** basic ************** ** *** ****** ** ** *******.
* ***** *** ***** **** ***** *******, ****** ** ******* that ****** **** ******* ************ ** *** *** *********. * do *** ******* ******* * ******** ***** ** *** *** digest ** ********** **** ** ****** *****, *** ** ******** in ********* ******* ******* *** ************. *** ********* ** **** digest **************, * ****** ***** ***** ********* **** *** **** algorithm (**** ** ******) *** ** **** ** *** ***** auth.
Create New Topic
John Honovich
****: ********* ******** **** *** ***** ** **** *****, ** are ******** * ********. *** ***** **** **** ***** ******* sooner ** **** ********.
Create New Topic