An insecure web server embedded in more than 35 models of internet-connected CCTV cameras leaves countless devices wide open to hijacking, it is claimed. The gadgets can be commandeered from the other side of the world with a single HTTP GET request before any password authentication checks take place, we’re told. If your camera is one of the at-risk devices, and it can be reached on the web, then it can be attacked, infected with malware and spied on. Network cameras typically use UPnP to drill through to the public internet automatically via your home router.
ORIGINAL SOURCE: The Register
The post GET pwned: Web CCTV cams can be hijacked by single HTTP request appeared first on IT SECURITY GURU.
from GET pwned: Web CCTV cams can be hijacked by single HTTP request