lists.openwall.net: Open Source and information security mailing list archives
Message-Id: <201607282237.u6SMbTd9018078@sf01web1.securityfocus.com>
Date: Thu, 28 Jul 2016 22:37:29 GMT
From: reggie.dodd30@...il.com
To: bugtraq@...urityfocus.com
Subject: Vicon Network Cameras - Authentication Bypass

TITLE
Vicon Network Cameras - Authentication Bypass

AUTHOR
Reginald Dodd / Information Security Engineer
https://www.linkedin.com/in/reginalddodd

VENDOR
Vicon Industries Inc.
http://www.vicon-security.com
http://www.vicon-security.com/products/network-cameras/

DESCRIPTION
Remote unauthenticated users can add administrator, operator, or guest accounts to various Vicon network cameras by navigating directly to a specific URL. The URL is not protected by authentication and exposes the form that creates new accounts: http://<IP>/system/user_pop.php?method=add&ptz_use=0 . With such an account, a user can view the live video and alter camera settings.

AFFECTED PRODUCTS AND VERSIONS
Confirmed in products: V920D, V922D, and V-CELL-HD

It is assumed that many more products are affected because the issue was traced to a single web template shared by many of the vendor's network cameras. After the issue was reported to the vendor, the vendor supplied a firmware release note (dated March 2015) listing many products, their affected firmware versions, and the fixed firmware versions:

V-CELL-IP; V660V-P (Europe) - Version T2_V2.7.3 and prior
V920D and V921D - Version T4_V2.1.6 and prior
V922D, V923D, V-CELL-HD, V921B, V922B, V923B, CE202D-N and CE202D-WN - Version T6_V1.9.4 and prior
V905-CUBE - Version T5_V2.4.3 and prior
CE102D-NIR and CE102B-NIR - Version T8_V1.4.3 and prior
SN663V, SN680D-WNIR - Version X1_1.4.9 and prior
SN663V-A, SN680D-A-WNIR - Version X2_1.2.1 and prior

SOLUTION
Request http://<IP>/system/user_pop.php?method=add&ptz_use=0 on each of your cameras without supplying credentials. A fixed camera answers with an HTTP Basic authentication prompt; if the add-account form loads with no prompt, the camera is affected and its firmware must be updated. A fix is available from the vendor, but it has to be applied manually to each camera.
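The check described above, and the firmware thresholds from the vendor table, as an added example that is not code from the original advisory or from Vicon. It fetches the advisory's URL with no credentials and classifies the response (Basic challenge versus form served), and separately compares a firmware version string against the "and prior" thresholds quoted above. It never submits the add-account form. The host names, the script file name and the sample responses are constructed for illustration.

```python
"""Checks for the Vicon user_pop.php authentication bypass.

Added example, not code from the original advisory or from Vicon. It (1) GETs
the advisory's URL with no credentials and classifies the response, and
(2) compares a firmware version string against the "and prior" thresholds in
the vendor release-note table quoted in the advisory. It never submits the
add-account form. Hosts and sample responses are constructed for illustration.
"""
import http.client
import socket
import sys
from dataclasses import dataclass
from typing import Optional

# Endpoint named in the advisory.
USER_POP_PATH = "/system/user_pop.php?method=add&ptz_use=0"

# Last vulnerable version per firmware family, from the vendor table in the
# advisory (family prefix -> numeric tuple). Later versions in a family are fixed.
LAST_VULNERABLE = {
    "T2": (2, 7, 3), "T4": (2, 1, 6), "T6": (1, 9, 4), "T5": (2, 4, 3),
    "T8": (1, 4, 3), "X1": (1, 4, 9), "X2": (1, 2, 1),
}


def parse_firmware(version):
    """'T6_V1.9.4' -> ('T6', (1, 9, 4)); 'X1_1.4.9' -> ('X1', (1, 4, 9))."""
    family, _, rest = version.strip().partition("_")
    if rest.upper().startswith("V"):
        rest = rest[1:]
    return family.upper(), tuple(int(p) for p in rest.split("."))


def is_affected_firmware(version):
    """True if at or below the family's last vulnerable version, False if
    newer, None if the family does not appear in the advisory's table."""
    family, nums = parse_firmware(version)
    last = LAST_VULNERABLE.get(family)
    if last is None:
        return None
    return nums <= last


@dataclass
class Verdict:
    host: str
    status: Optional[int]       # HTTP status, or None if the request failed
    vulnerable: Optional[bool]  # None: could not determine from the response
    reason: str


def classify(host, status, headers, body):
    """Classify a response to GET USER_POP_PATH sent without credentials.

    A fixed camera should answer 401 with a Basic challenge (the advisory's
    'basic authentication prompt'); a 200 carrying the form is the bypass.
    """
    hdrs = {k.lower(): v for k, v in headers.items()}
    if status == 401:
        challenged = "basic" in hdrs.get("www-authenticate", "").lower()
        return Verdict(host, status, False,
                       "Basic challenge returned" if challenged else "401 without Basic challenge")
    if status == 200:
        if b"<form" in body.lower():
            return Verdict(host, status, True, "add-account form served without authentication")
        return Verdict(host, status, None, "200 but no form in body; inspect manually")
    if status in (301, 302, 303, 307, 308):
        return Verdict(host, status, None, f"redirect to {hdrs.get('location', '')!r}; inspect manually")
    return Verdict(host, status, None, f"unexpected status {status}")


def check_camera(host, port=80, timeout=5.0):
    """GET the endpoint with no credentials and classify what comes back."""
    try:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        conn.request("GET", USER_POP_PATH, headers={"User-Agent": "vicon-user_pop-check"})
        resp = conn.getresponse()
        body = resp.read(65536)          # the form page is small; cap the read
        verdict = classify(host, resp.status, dict(resp.getheaders()), body)
        conn.close()
        return verdict
    except (OSError, socket.timeout, http.client.HTTPException) as exc:
        return Verdict(host, None, None, f"request failed: {exc}")


if __name__ == "__main__":
    # Usage: python vicon_check.py 192.0.2.10 192.0.2.11 ...  (only hosts you are authorized to test)
    for h in sys.argv[1:]:
        v = check_camera(h)
        print(f"{v.host}: vulnerable={v.vulnerable} status={v.status} ({v.reason})")
```

The classifier deliberately treats a 200 without a form, or a redirect, as "inspect manually" rather than "fixed": a camera fronted by a login redirect or a captive page is not necessarily patched, and the only response the advisory identifies as the fixed behaviour is the Basic authentication prompt. Run it only against cameras you own or are authorized to test.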

REFERENCES
http://www.vicon-security.com/Software/Vicon_Camera/V9xxCameras_3-15_Firmware-updated_Release_Notes.pdf
