Author: Zeljka Zorz / HNS Managing Editor / Posted on 21 November 2014.
A while back, SANS ISC CTO Johannes Ullrich discovered that cybercrooks were targeting Hikvision Digital Video Recorders (DVRs) in order to infect them with bitcoin-mining malware. They were successful because the DVRs come with a default administrative account "admin" with password "12345," and these are often left unchanged by users.
Digital Video Recorders are usually used to record surveillance footage inside and outside office buildings and private houses and, unfortunately, default accounts and passwords are not their only weak spot.
Mark Schloesser, a researcher with Rapid7 Labs, has discovered three buffer overflow bugs (CVE-2014-4878, CVE-2014-4879 and CVE-2014-4880) affecting the Hikvision DS-7204-HVI-SV digital video recorder running firmware V2.2.10 build 131009, and likely other devices in the same model range.
These bugs can be exploited remotely and without authentication to gain full control of the device, as the Rapid7 researchers demonstrated by writing a Metasploit module that exploits the last of the three.