TVT units are trivial to find via Shodan, searching for "TVT RTSP" returns ~100K responses.
Retrieving "http://ip.add.re.ss:PORT/Css/Pictures/Login/LoginContent.png" gives you the branding image from the login page for at least some of the units.
My impression has always been that they are kind of a commercial DIY oriented retail store, with some self branded NVRs. I have driven past their location for years, but never heard their name in the context of any project I have been involved in professionally.
Does this mean one can login to any TVT system (not patched with latest firmware of course) as an administrator just by entering the hard-coded password in the login page of the web interface?
Since you asked, whose ‘ignorance’ are they talking about?
All of the devices in the warehouse will be upgraded properly by us or by our local partners. Our online upgrading system will do its job, and we expect your attention in case of failure due to ignorance or other reasons.
"We recently found 3 vulnerabilities with a great help from 3rd party security expert. 2 of them are deeply inside the firmware, and can be used to control the devices, or even damage the info or devices if professional know-how is there. We seriously ask for a update of firmware in proper way to block the vulnerability, in order to avoid the possible risk in the future."
I guess they pay as much attention to grammar, punctuation as they did on their bug ridden firmware.
A few contradictions, least alone trying to save their face!
IPVM conducts reporting, tutorials and software funded by subscriber's payments enabling us to offer the most independent, accurate and in-depth information.
Comments (18)
Undisclosed #1
TVT units are trivial to find via Shodan, searching for "TVT RTSP" returns ~100K responses.
Retrieving "http://ip.add.re.ss:PORT/Css/Pictures/Login/LoginContent.png" gives you the branding image from the login page for at least some of the units.
Create New Topic
Shay Fogel
Does this mean one can login to any TVT system (not patched with latest firmware of course) as an administrator just by entering the hard-coded password in the login page of the web interface?
Create New Topic
Undisclosed Manufacturer #5
Was this exploit on IP cameras, NVRs, or DVRs...or all of the above?
Create New Topic
Undisclosed End User #2
Attention, it seems that Mirai clone (?) has started to exploit this vulnerability.
Source: Google dork
Virustotal samples
VirusTotal (dropper)
VirusTotal (dropper)
VirusTotal (scanner/bot)
Create New Topic