DVR Flaw Allows Attacker to Control Security Cameras

Security researchers revealed vulnerabilities in the digital video recorders of CCTV video cameras that would allow an attacker to seize control of the buggy devices to watch the recorded video streams, copy, delete or turn them on and off.

Apart from enabling illegal access to the security camera systems, the buggy devices also transform the machine into a jumping-off point of access to computers in a network, behind a company`s firewall, according to researchers with security firm Rapid7.

H.D. Moor, chief security officer with Rapid7, found some 58,000 unique IPs running a vulnerable DVR platform in 150 countries, of which the United States, India, and Italy took the lion`s share.

“In addition to Ray Sharp, the exposures seem to affect rebranded DVR products by Swann, Lorex, URMET, KGuard, Defender, DEAPA/DSP Cop, SVAT, Zmodo, BCS, Bolide, EyeForce, Atlantis, Protectron, Greatek, Soyo, Hi-View, Cosmos, and J2000,” Moore writes in his blog post.

The hacker by the name someLuser was the first to note on his blog his findings on a vulnerable Swann DVR when he saw that commands sent to the precise device via port 9000 were getting through without proper authentication.

The buggy DVRs were also visible on the Internet because of the Universal Plug and Play protocol that maps UPNP capable devices and exposes means of interaction over the web.