Directory of Video Surveillance Cybersecurity Vulnerabilities and Exploits

By IPVM Team, Published Jul 29, 2021, 02:02pm EDT

Cybersecurity vulnerabilities have escalated over the past few years and keeping track of who is impacted by each can be difficult.


This list, updated for 2022, compiles reported exploits for the security industry by date and by manufacturer, with a brief description of each exploit, the affected product(s) and version(s), and links to further reading for each.

Exploit ********

*** ******** ***** ***** * ******* of **** ************* ***** **** * link ** *** ********* ** ***** information.

***** ** **** **** ******** **** screen.

Exploits *** ******** *********

*** **** ***** ***** ***** ******** by **** ******* *** ****** *********:

***

****

  • ********* **** - ******** ******* **.**.**.**.***, and ******** ******* ********, ******* ******** vulnerabilities ********* ****-***** *****-***** ******** *** authentication ****** ********. ********** ******* ****** ******.

********

  • **** **** - *** ******** ***** to *.**.*.** *** ***** ** *.*.*.** allowed *** ********* ***** ** ** retrieved ******* ********* ******* ****, ****** anyone **** ****** ****** ** *** server *** ******* ** ****** ***** at ****, ******* **************, ****** **** a ******** *************. ********** ******* *** in ****** ****** *** **** *************.

****

*****

  • ******** **** -*****, ******** ****-******** ***************: *** **.* ******** *************** ***** with *.* *** *.* ***** ***************. The ***** **.* ************* ******* ***** BVMS *** **** *************** ** ********* data ***** ********* *** *** ** remotely ******* ****. *** ***** **.* vulnerability ******* ** ***** ***** ********* Gateway *** ** **** ******** *********** due ** *** *** ******** ******* authentication *** ******** *********.
  • ******* **** - *** ***/***/*** ***** with ******** ******* *.**, *** ******** older ********, *** ********** ** ******** where ********* *** **** *********-******* **** to *** ****** ** ****** ****** access, ***** ******** * **** ******* that **** *** ******* **************. ** special ******** ** ******** ** ***** out **** ******. ************* ******* *** proof ** ******* ******** *** ****** in ********* ******* *****.

*****

*****

Dedicated ******

  • ****** **** - ********* ****** ****, including ** ***** **-** *******, ** Advanced, **, ********, *** ***, **** with ** ******* ***********, *** ******** protocols *******. **** *** ***** ********* to **** **** *** ****** ***/** to ***** ******* ******* ****** *****. Additional ******* **** ******.

****

*********

  • ******* **** - ** ******** ***** than ******** **** *** *** **** root ****** **** ****** * **** command ****** *** ** **** ** a *******. **** ** * ****** copy / ***** / ***** ******** IP *******. ***** *** ** ******** vulnerabilities **** ***** **** ********* * screen **** ** ******** *** ****** credentials ** ***** ****.**** ******* **** ****.

*******ü**

  • **** **** - *-*** ** *** G-Code ********* ** **** ******* ** their ************* **** ****; ** ************** bypass ************* *** **** **********. *** existing **** ****** ************ ***** ***** attackers ** ****** *** ****** ******* that *** ***** ****** **** *********. More******* **** **** ****.
  • ******** **** - ** *-***/***-**** **** firmware ******* *.**.*.** ** ************** ****** vulnerability *** **** **********. *** ******** file ****** ************ ***** ***** ********* to ****** *** ****** ******* **** may ***** ****** **** *********. ******* in*** **** ********.

******

  • *** **** - ***-****, ***-*****, ***-****, and ***-**** ********* **** * ************* in **** ******** ******** ***** * user *** *** ********** ****** **** an ******** ****** *** *** ****** data/files ** **** ****** ** *** same ********* ********** *********, ********* *** standard ************** ******. ********** ****** ** the***-**** **************** ************* **************.

***

  • ***** **** - ***** *** **** systems **** ******** ***** ** ***** 2016 *** *********** ** * ******* injection *******, ***** ** ******** *** cause *** *********** ** **** ** unlock ***** ******* **************, ** **** as ******* * ****** ** ***** functions ** *** **********. **** ************* was ******** ******* *****'* ****, ********* ******* *** ** ***** in**** ****** **********.

*********

*********

  • ******* **** -********* ****** *** & *** *************- ********* *** **** ** ******** execute **** *** *** *** ********* vulnerability ** ******** *** ***** **** unauthenticated ****** ** *** *** **** interface **** ***** ******.

*****

  • ***** **** -***** *************** **** ** **** *******- * ***************: ******* ********* *************** with ********, ***, *** ***, ********* credentials, *** ********* **** ******* ************* with ***** ****.

*********

  • ******** **** - ********* ****** ******** prior ** ~******** **** *** ******* a ****** ** *************** ********* ****-***** credentials *** *** ******* ** ******* admin ******** *** *************** *** *****, making *** ******* ****** ********** ** attacks.

**********

  • ****** **** - **** *** **** service *** ********** ** ******** ***** of ****** ******** *******. ******* *** uPNP ** **** ***** ** ********, making **** ******* ** ******* ** many ********. ~**** ***** ********. **** details ************* ********** ** ********** *************.

*******

****

  • ******* **** - **** **-**** ***** firmware ******* **-*******.**.****.*********, ******** ******* *********** of *****:*****, *** ************:******. * ****** network ******** *** **** ********** ****** to * ********** ******. ******* *********** can ** ***** ****** ************* ********** **** *****.
  • ****** **** - ******** *******, ********* the *******, ********, *******, ***** *** NVRSolo **** ******** ***** ** *.*.* have ******** *************** **** ***** *** remote **** *********, ****** **** *******, remote **** ********, *** ***** *******. Exploits *** ****** ** ********* ***** multiple ***, *********:*****,*****,*****,*****,*****,*****,*****,*****. **** ** ***** ********** * critical ************* **** ** **** *** an ******** ** ******* ******* *** device.

*****

********

  • ******** **** - ******** ***'* **** under ******* ****** *** ******** **** multiple ********, ********* ******* ** ****** authentication *** *** ****** ******. ******* can ** ***** ***** *********** ****.

****

  • **** **** -**** ***** **** ***************- ****** ******** ** ** ******** without ***** ***********, ******* ******** ***** to **** **** ******** ** ******* so ** ** **** ******* **** some *****, ******* ***************.
  • ******** **** - ********* *** ******** enable ****** ** *** * *** Gen * ******* **** ******** ***** to *.**.** *** *.*.* ************, ******** them ** *********** ***** ** ****.********** ******* ** *** ******** ** this *******.

*******

  • ******** **** - ********* ******* **** allow ** ******** ** **** *****-***** privileges ** ******** *******. **** ** affected ******* *** *********** ******** ******** to ******* **** ***** *** ******** by *******.

TBK (*** ***** ***, *-***, *** ****)

***

********

  • ***** **** -******** '***********' **** ******- ************ ****** ** **** ** their ******* ****** ** * "*****-***** cloud ********" (****** *** ********).
  • ***** **** - * ******* ********* vulnerability *** ******** ** ******** ***** to ***** *.*.*. ********** *** **** of *******, *** ***** ****** ****** holes ** *******, **** ** ******* shells, ** ******** ********.

*******

  • ******* **** - ***** ******** **** can ** ********* **** ******* *********, and **** **** ** ***** ** admin, ******** **** ******. ******* ******* in******* ******** ******** ********.

*******

  • ***** **** -******* **** ****- ******* **** **** ** *** root / ***** ****** ** *** ~150,000 ******* *** **** **** ** pivot ** ***** ******* ** *********' networks.

*******

  • ******** **** - ********* *** ***** overflow, ****** ********* ** ****** ** service, *** ********* *** *****. ******* in******* ****** ***** ******** *************.
  • **** **** - *** ******* ** Vivotek ******* *** ** **** ** access ***** *** *** ******** ** root. ********** ********:******* ******* ******** ************* *** *******
  • ******** **** - ******** *****, *****, and ******** ***** ********, *** *********** to ****** **** ************** ********, ******** video ******* ** ** ****** ******* authentication. ******** ***** ***** ****** *** be ********. ********** *********** **** **** security:******* **** **** ******.

****

********

  • ******** **** -******* ***/*** *************- ****** (*********) ******** **** * combination ** **** ******** ** **** enable ****** ***** **** ********* **** credentials.
  • ******** **** -******** *** ******** ************* - **** Manufacturer ***** ******** ***** ***** ****** Attacks
  • ******* **** - ******** ******** ***** to ******* **** ******* **** ****** enabled, ***** ******* **** ****-***** ***** credentials ******* ********* ** **** ****** to * **** ***** *** ******* the ******. *** **** ******* ******* was ******** ******, ***** ******** ***** *** ******** devices, *** **** **** ******** ***** and ******* ********* ** ******* ****. Due ** ******** ***** ********* ** OEM ********* ********, **** ******** ******** were **** ***** ********* ******.

Beware ** **** / **********

******** *** ******** *************** ***** ****** other ****** ************ ** ********* ****** in **** *********, ***** ***'* ********* typically *** *** **** *********** ********. For *******, ***** ****** *************** **** be ******* ** ******* ******* ******* that *** ************ **** *** **** or ******* ********.

** ******* ** **** ** ******** *********** *************, ***** *** ********** ********** ** Amcrest ******* ** ************ ********, ***** ******** ***, *-***, *** others.

** **** *** ***** ****** ***** be ********, *** *** *** ***********:

Vulnerability ********* *** **********

*** ********* *** ********* **** ************* varies **** ************ ** ************ *** incident ** ********.

** ** ****** *** * ********** to ******** * ************* ****** ******** and ******* **** ******* ** *** manufacturer. *********, ************* *** ***** * period ** **** ** ******* *** vulnerability ****** *** ****** ********* ******* or ***** ** *******. *********** ******* the ************ **** **** ** ******* the ********** ******** ****** ********** *******, such ** ****** ** ******* *******, ****** **** *** ********* ***** non-response ** *************.

**** ********, ************* ******** *** ******** vulnerabilities ****** ***** *** ******** *******. For *******, ****' **** ****** ************* was ****-********** *** ********* ** ************ ******** ****.

****-**-** ********** ******** ******** *************** * **** ** *** ********** against ****** ********* (***** ** ****** Boot) ** **** **** *** **** S3008. **** ******* ******** *********** **** ***********.

*******, **** ** **** ****** **** third-party ***********.

Other ***************

**** ********* ** ******** ** ***** major *************** **** *** **** ******* years, *** ** *** **********. ** you **** ** *** ******* ** exploit,**** ** ** *************** **** ** * ***.

Comments (19)

***** ******* **** ****! **** **** coming ** **** ** ** ********** and * **** ** *** **** on *** ***** ** ************* ******* to ******** ******** ********. *** ***** not ******* ** ** ********** *********** like ****** * **** *** ***** a ********** ********** ***** **** ***** to *********.

* ** ******* *** **** ****** who ***** ** ** ** ***** cyber **** ******** **** **** ***** two ***** ***** ***. **** ****** be ** ** *** ***** ***** of **** *** ** ******** ** having ****** *** **.

************* & ************** ******** ****** - Industrial ******* *******

**** ******** *************** ********

*** *** *** **** *** *** from *****************ü** *-*** ** *** *-**** | CISA** **** ****.

Agree: 1
Informative: 4

******, *****, * ***** *** ****** Geutebruck ************* ** *** ******** *** report.

Informative: 1

********* ****. * ****** ********** *** of ***** ** *** ********** ********.


* ** ********* **** *** *** vulnerability ** * *****. * ******* they **** **** ** ****. ***** like **** *** ***.

Agree: 1

* ***** ******* ** ***** *** still *** ***** ************** ******* **** their ****. **'* *** ******* * vulnerability ** ******, *** **'* **** a **** ** ******** - * "locked" **** **** ** ***** ******.


*** **** *** *** ** ********, although ********** ** *** ** *********** to *********. **** ********* *** **** source **** ** ***** *******. ** they **, **** *** ******** ** publicly **** **** ***********, ****** ** their ************* ** ** ***** ******* somewhere. *** *** ******* *************** ** those ****** ** **** *** **** if *** ******** *** ******** ** in *** **** **** ***** ***************.

Agree: 1

**** ** *** ***...

Funny: 3


****, *****, ****, ***…


****** *** *** *** ,)

Agree: 1
Funny: 1

****** ****.


***** **** - **** ** ******!


**** *** ******* **** ************ ********* at *******ü**.

***** ** **** ** *** *********, we ************ ********* * ******** ****** for *** ** *** *-**** ******* series, ***** ** ********* ** *** partners *** *********.

*** *** **** **** *********** ********* mitigation **** -*******ü** *-*** ** *** *-**** | CISA

Informative: 3

*****! *** ****-**** ******* ** ********** vulnerabilities ** **** **** ******** **** the *****-**** ******* ** ******* *** someone **** ** ******** ****. ************* IT ************* **** **** *************** ** occur *** **** ******* ********* *****.

Agree: 2

**** ****** *** **** ******* **** the ********* **** *************** *********************.


**** ****** *** **** ******* **** the******* **** *************** **** ****.***********-*********************** **** **** ********** ** **** firmware ** * ************* **********, ********* 300+ ******.


* ** ** **ï**...


***, **** ** **** ********. ***** you *** *** ****.

Informative: 1

***** **** **** *******.
