News

Patched Samsung IP camera still contains leak that allows takeover

By admin
Spread the love

Security researchers from the company Exploiters have found a leak in a Samsung Smartcam that allows an attacker to take over the device remotely. They had previously informed Samung of vulnerabilities in its IP cameras.

The vulnerability is present in the SNH-1011 model, but may also exist in other models. The researchers write that the vulnerability is in PHP code, which allows an attacker to execute arbitrary code on the camera by means of command injection. This allows him to take over the device and, for example, gain access to the images that the camera records. The vulnerable code is responsible for updating the firmware via the so-called iWatch service. Since there is no input sanitation, an attacker can choose a file name for an update file, which contains malicious commands. The web server then executes these commands as root. The researchers report that this is not the first time that this camera line from Samsung appears to be vulnerable.

An earlier 2014 study revealed that it was possible to remotely code the cameras and change the administrator password. When Samsung was made aware of this fact, it decided to remove the entire locally accessible web interface. As a result, users were forced to log in via Samsung’s SmartCloud website. That is why the researchers now chose to look at the IP camera again to verify that the leaks had been closed. It turned out to be, with the exception of the vulnerable PHP code, which had not been removed by Samsung.

Leaks in IP cameras are common. The research organization AV-Test recently published a safety test of eight different IP cameras. In addition, cameras from Logitech, Netgear and MyFox achieved the maximum number of points, the rest scored lower. For example, some models transmit images unencrypted. Inadequate security cameras are also part of the Mirai botnet, which is largely made up of hacked IoT devices. The American FTC recently filed a complaint against D-Link because the company would not sufficiently protect its IP cameras. The Taiwanese manufacturer rejects this.

Demonstration of an exploit of the vulnerability

You might also like
News

Google is serious about ending passwords: ‘passkeys’ are becoming the…

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Nvidia releases GeForce RTX 4060 Ti variant with 16GB memory

Exit mobile version