Security camera recorders could be open to tampering because of common firmware flaw

security camera

The DVR boxes used to manage recording from security cameras may not actually be so secure. A hacker at Console Cowboys found that the Ray Sharp platform used by many companies' DVRs — the author lists Swann, KGuard Security, and more — is vulnerable to unauthorized access, even from behind a firewall. "SomeLuser" found that the platform is set to automatically enable Universal Plug n Play, making it easily accessible through networks that support it. Connecting through Port 9000 allowed users to bypass security, then request the username and password for the DVR in plain text. From there, it's possible to exploit more loopholes to run system commands, accessing or deleting footage. That could make it one of several standard business technologies that's turned out to be full of security holes.

Rapid7 Chief Security Officer HD Moore has confirmed the vulnerability, which he says "provides remote, unauthorized access to security camera recording systems." If it's as widespread as believed — while neither has tested it on all the brands mentioned, both are confident it's present across the board — it potentially undermines the security of small businesses, who are likely to have UPnP enabled, says Moore. For now, there doesn't seem to be an easy fix for users, though DVR seller Zmodo has told Forbes it developed its own firmware that "has never been susceptible to the same intrusions as firmware developed by Ray Sharp."

The Verge
Log In Sign Up

Log In Sign Up

Forgot password?

We'll email you a reset link.

If you signed up using a 3rd party account like Facebook or Twitter, please login with it instead.

Forgot password?

Try another email?

Almost done,

By becoming a registered user, you are also agreeing to our Terms and confirming that you have read our Privacy Policy.



Choose an available username to complete sign up.

In order to provide our users with a better overall experience, we ask for more information from Facebook when using it to login so that we can learn more about our audience and provide you with the best possible experience. We do not store specific user data and the sharing of it is not required to login with Facebook.