Cheap Dvr Leaves Your Network Vulnerable To Attack

[cybergibbons]

I looked at a cheap DVR and found some really quite serious issues. If you port-forward to this, an attacker - and not a skilled one - can take complete control of the device and do what they want on your network.

 

https://www.pentestpartners.com/blog/pwning-cctv-cameras/

 

I wouldn't trust any DVR to be honest.

 

Expect more like this in the near future.

[al-yeti]

Even if secure passwords are setup?

[cybergibbons]

Even if secure passwords are setup?

 

There's absolutely no requirement to use a password on this. I can make it connect back to my server and control it just by entering a URL on it.

Or I could get you to visit a site with the URL on it.

[Adi]

I looked at a cheap DVR and found some really quite serious issues. If you port-forward to this, an attacker - and not a skilled one - can take complete control of the device and do what they want on your network.

 

https://www.pentestpartners.com/blog/pwning-cctv-cameras/

 

I wouldn't trust any DVR to be honest.

 

Expect more like this in the near future.

 

 

Interesting read.

[PeterJames]

 

I wouldn't trust any DVR to be honest.

 

 

Not even if its on a vpn or vlan?

[Adi]

The way i read it doesnt.

 

It seemed to me you need a fire wall for outgoing stuff to have any chance of helping the matter.

[al-yeti]

No one cares anyway

[cybergibbons]

Not even if its on a vpn or vlan?

 

If you are very strict about it, then it can be safe.

When you are on the VPN connecting to the DVR, you must not browse any other sites, otherwise the attack could be carried out against it.

All outbound access from the DVR needs to be blocked.

[cybergibbons]

No one cares anyway

 

They should. It's essentially the same as letting someone come into your business and plug in a computer to the network.

[MrHappy]

They should

it not quite a real world issue (yet)