Eighteen brands of security camera digital video recorders are vulnerable to an attack that would allow a hacker to remotely gain control of the devices to watch, copy, delete or alter video streams at will, as well as to use the machines as jumping-off points to access other computers behind a company’s firewall, according to tests by two security researchers. At least 60,000 of the hackable video boxes, all of which use firmware provided by the Guangdong, China-based firm Ray Sharp, are accessible via the Internet.

Earlier this year a hacker who uses the handle someLuser found that commands sent to a Swann DVR via port 9000 were accepted without any authentication. That trick would allow anyone to retrieve the login credentials for the DVR’s web-based control panel. To compound the problem, the DVRs automatically make themselves visible to external connections using a protocol known as Universal Plug And Play, (UPnP) which maps the devices’ location to any local router that has UPnP enabled — a common default setting. Neither Ray Sharp nor any of the eighteen firms have yet released a firmware fix.

Forbes has a story up about this issue CLICK HERE

The brands that use these Chinese DVR’s, and have been identified as having these security flaws are:   Swann,  Lorex,  URMET,  KGuard,  Defender,  DSP Cop,  Night Owl,  SVAT,  Zmodo,  BCS,  Bolide,  EyeForce,  Atlantis,  Protectron,  Greatek,  Soyo,  Hi-View,  Cosmos, and J2000  (there may be others who have not yet been identified).

Rugged Cams DVR’s are not Chinese and are not vulnerable to these hacks.  Buy the best DVR with the best Tech Support!  Rugged Cams DVR’s.  20 Years of Quality, Toughness and Flawless Operation.

Leave a Reply