Skip to main content

    Security camera recorders could be open to tampering because of common firmware flaw

    Security camera recorders could be open to tampering because of common firmware flaw

    Share this story

    security camera
    security camera

    The DVR boxes used to manage recording from security cameras may not actually be so secure. A hacker at Console Cowboys found that the Ray Sharp platform used by many companies' DVRs — the author lists Swann, KGuard Security, and more — is vulnerable to unauthorized access, even from behind a firewall. "SomeLuser" found that the platform is set to automatically enable Universal Plug n Play, making it easily accessible through networks that support it. Connecting through Port 9000 allowed users to bypass security, then request the username and password for the DVR in plain text. From there, it's possible to exploit more loopholes to run system commands, accessing or deleting footage. That could make it one of several standard business technologies that's turned out to be full of security holes.

    Rapid7 Chief Security Officer HD Moore has confirmed the vulnerability, which he says "provides remote, unauthorized access to security camera recording systems." If it's as widespread as believed — while neither has tested it on all the brands mentioned, both are confident it's present across the board — it potentially undermines the security of small businesses, who are likely to have UPnP enabled, says Moore. For now, there doesn't seem to be an easy fix for users, though DVR seller Zmodo has told Forbes it developed its own firmware that "has never been susceptible to the same intrusions as firmware developed by Ray Sharp."