CCTV failures



Vulnerability that would allow an attacker to manipulate CCTV cameras

Researchers discovered vulnerability in software of the firm NUUO used for CCTV security cameras that would allow third parties to spy, manipulate videos and implant malware. The company has already released a patch that repairs the bug.

Tenable researchers recently discovered a critical vulnerability, called Peekaboo, that affects software used for recording videos and is part of a solution for CCTV systems offered by the NUUO firm. This failure would allow an attacker to access video logs and alter the recordings by being able to execute malicious code remotely. The company has already released a patch to solve this vulnerability that can be downloaded from the official site.

Right inside the software

The vulnerability affects the software used by NVRMini2, which is a network storage device that records video in digital format and is used for CCTV security cameras. Once it is exploited, it would allow an attacker to access the control system, which is equivalent to accessing the credentials for all connected security cameras, disconnecting them and making changes to the recordings of the recordings.

Assigned with CVE-2018-1149, this buffer overflow vulnerability would allow an attack that would allow access to the Common Input Interface (CGI) used by the camera's web server, which acts as intermediate point between a remote user and the web server. According to the investigation, the CGI does not adequately validate the user's entry and allows access to a part of the camera's web server and execute code arbitrarily.

In addition, a second vulnerability (CVE-2018-1150) takes advantage of a failure in the NVRMini2 application that contains a backdoor that can be used by an attacker to connect to the web server. Once backdoor is enabled within the PHP code, it allows an unauthenticated attacker to modify passwords of any registered user, except the system administrator.

A big company responsability

NUUO is a leading company in the video surveillance industry and these types of devices have more than 100,000 installations throughout the world. In addition, its software is used by third-party surveillance systems. In this sense, taking into account that with the NVRmini 2 solution it is possible to have up to 16 CCTV cameras connected, the number of devices that can be affected is hundreds of thousands.

The company announced in a statement the corresponding updates that must be installed manually to avoid being a victim of the exploitation of these vulnerabilities

Comentarios

Publicar un comentario

Entradas populares de este blog

Importance of social media marketing

Imagen
The important use of social media marketing for restaurants In the current context, with a social media strategies for restaurants in conditions of positioning in social networks, you can carry out actions much more in line with your business model and at a much lower cost. When we look for a social media for restaurants , we do it to see what kind of food it has, how it is decorated or what kind of audience goes to it. We need to have the ideal tools to manage the restaurant's social networks, so that users look for us, find us easily and want to go to the restaurant to try the succulent dish that is presented to them in a photo or in a video. Use Facebook to impact your potential customers It is one of the ideal social networks to promote a restaurant because it serves as a perfect environment and we'll see why. The Fan Page option, one of the most fascinating properties among the possibilities of Facebook. It is perfect because it allows you to display the products, s
Leer más

https://malaga-airport-taxi.net/marbella-airport-taxi/ Marbella Airport Taxi What you see is what you pay, no extras! Marbella airport taxi  offers a high standard of service, in simply taxi transfers as well as in long distance trips. We manage transfers from Malaga Airport to anywhere you require: Nerja, Malaga, Marbella, Estepona, and so on. Marbella airport taxi also provides transfer services for business use and private events such as meetings, conferences, sightseeing and private tours. Our Vehicles are all COMFORTABLE, FINE QUALITY, SAFE, CLEAN, ROOMY, INSURED, LICENSED and MODERN. According to your needs, you can choose between a 4 seats car or a 7 seats car. Our Drivers are POLITE, EXPERIENCED, FRIENDLY, POLYGLOT, HIGHLY TRAINED. No waiting but Meet and greet! Your private chauffeur will be waiting at the arrivals exit hall, holding your name in a cardboard and then, from there, you will be escorted to your car. We constantly monitor the flights and there are no additional charges if your flight is delayed. Booking our transfer service in advance is the ideal solution to get an economical and comfortable transfer from the airport to your destination.

Imagen
https://malaga-airport-taxi.net/marbella-airport-taxi/ Marbella Airport Taxi What you see is what you pay, no extras! Marbella airport taxi  offers a high standard of service, in simply taxi transfers as well as in long distance trips. We manage transfers from Malaga Airport to anywhere you require: Nerja, Malaga, Marbella, Estepona, and so on. Marbella airport taxi also provides transfer services for business use and private events such as meetings, conferences, sightseeing and private tours. Our Vehicles are all COMFORTABLE, FINE QUALITY, SAFE, CLEAN, ROOMY, INSURED, LICENSED and MODERN. According to your needs, you can choose between a 4 seats car or a 7 seats car. Our Drivers are POLITE, EXPERIENCED, FRIENDLY, POLYGLOT, HIGHLY TRAINED. No waiting but Meet and greet! Your private chauffeur will be waiting at the arrivals exit hall, holding your name in a cardboard and then, from there, you will be escorted to your car. We constantly monitor the flights and there are no additional
Leer más

Địa chỉ may đồng phục Andy đà nẵng uy tín

Chính vì sự kết hợp mới lạ này thu hút được không ít sự quan tâm không chỉ với áo lớp đồng phục mà còn trong áo đời thường. Áo lớp Andy là mẫu áo mới trong lĩnh vực áo thun đồng phục lớp hiện nay. Các bạn hoàn toàn có thể thoải mái thiết kế lên những chiếc áo này tùy theo sở thích của tập thể lớp. Áo lớp Oversize có cổ là một lựa chọn hoàn hảo cho các bạn học sinh cá tính. Lấy cảm hứng từ những chiếc áo sơ mi quen thuộc, áo thun cổ sơ mi có phần cổ và tay áo sử dụng cùng chất liệu vải thân áo. Đặc biệt, để tăng thêm độ cứng cho phần chân cổ áo, bề mặt lá cổ, người ta có sử dụng thêm một tấm giấy lót (mếch). Với sự trẻ trung, năng động mà mẫu áo này mang lại nên chúng được lựa chọn khá nhiều khi may đồng phục áo lớp, áo nhóm. Áo thun đồng phục không chỉ đa dạng về màu sắc mà mẫu áo này còn mang đến cho khách hàng nhiều hơn sự lựa chọn về kiểu dáng. Tuy nhiên, vải thun lạnh có khả năng thấm hút mồ hôi kém nên khi mặc cảm giác khá khó chịu và nóng, đặc biệt trong thời tiết mùa hè. Đăc biệ
Leer más