Zavio IP cameras contain multiple vulnerabilities, ranging from hard-coded credentials to command injection. These vulnerabilities may be leveraged to allow a remote attacker to gain unauthorized access to camera devices and possibly sensitive information.
The Zavio F3105 and F312A IP cameras are affected; other models may also be affected.
Remote Code Execution
This vulnerability is exploited by injecting arbitrary commands. Remote attackers who successfully exploit it will be able to execute commands on the vulnerable system.
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect this vulnerability.
- 19788 - Zavio IP Cameras Multiple Vulnerabilities (Zero-Day)
Do not leave cameras publicly facing to the Internet. Enable RTSP authentication to prevent anyone from viewing video streams from the device. Limit access to manufacture.cgi and wireless_mft.cgi, and check the parameter General.Time.NTP.Server in requests for /opt/cgi/view/param.
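One way to apply the request checks above to web or reverse-proxy access logs, as an added example (not code from BeyondTrust or Zavio). It assumes combined-format log lines, that the param path is logged as written in the advisory, that the parameter arrives in the query string, and that a legitimate NTP server value is a hostname or IPv4 address; the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Names taken from the advisory text.
RESTRICTED_CGIS = {"manufacture.cgi", "wireless_mft.cgi"}
PARAM_PATH = "/opt/cgi/view/param"  # assumption: logged exactly as the advisory writes it
NTP_PARAM = "General.Time.NTP.Server"

# Assumption: a valid NTP server value is a hostname or IPv4 address (allowlist).
HOSTNAME_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9.-]{0,251}[A-Za-z0-9])?")
# Assumption: common/combined access-log format with a quoted request line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/[\d.]+"')


def classify(log_line):
    """Return None for unrelated requests, otherwise a short finding label."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    parts = urlsplit(m.group("url"))
    # Any request for the two CGIs the advisory says to restrict is reported.
    if parts.path.rsplit("/", 1)[-1] in RESTRICTED_CGIS:
        return "restricted-cgi"
    if parts.path == PARAM_PATH:
        # parse_qsl percent-decodes values, so encoded characters are checked too.
        for key, value in parse_qsl(parts.query, keep_blank_values=True):
            if key == NTP_PARAM and not HOSTNAME_RE.fullmatch(value):
                return "ntp-server-not-hostname"
    return None


def scan(lines):
    """Return (line_number, finding) pairs for every flagged line."""
    return [(i, f) for i, line in enumerate(lines, 1) if (f := classify(line))]


# Constructed sample lines, not captured traffic; directory names are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:00:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2024:00:00:02 +0000] "GET /example/manufacture.cgi HTTP/1.1" 200 64',
    '192.0.2.11 - - [01/Jan/2024:00:00:03 +0000] "GET /example/wireless_mft.cgi?x=1 HTTP/1.1" 200 64',
    '192.0.2.12 - - [01/Jan/2024:00:00:04 +0000] "GET /opt/cgi/view/param?General.Time.NTP.Server=pool.ntp.org HTTP/1.1" 200 32',
    '192.0.2.13 - - [01/Jan/2024:00:00:05 +0000] "GET /opt/cgi/view/param?General.Time.NTP.Server=ntp.example.org%3Bid HTTP/1.1" 200 32',
]

if __name__ == "__main__":
    for lineno, finding in scan(SAMPLE_LOG):
        print(lineno, finding)
```

The same allowlist can be enforced at a reverse proxy in front of the cameras; if the device receives the parameter in a request body, the body must be inspected as well.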