Axis cameras there are security flaws, three of the vulnerabilities can be taken over-vulnerability warning-the black bar safety net

Network security company VDOO researchers recently discovered several vulnerabilities affect the Axis nearly 400 security cameras.
From the network security company VDOO researchers on IOT devices conducted a study and found that the axis company manufacturing the camera of the presence of seven vulnerabilities. According to the vendor said that nearly 400 products affected by this problem, the Axis have been made for each vulnerability released security patches.
The attacker can pass its IP address to remotely take over the camera, the use of the vulnerability may access or freeze a video stream, and control all camera functions such as motion detection, direction, also can change software.
Experts warn that the attacker can let the camera join the botnet in order to support a variety of attacks, such asDDoSand mining it.
“We found that the Axis is vulnerable equipment suppliers. Our team at axis security cameras found a series of serious vulnerabilities. These vulnerabilities so as to obtain the camera IP address of the remote attacker to take over the camera by LAN or Internet to. In General, VDOO has gone to Axis security team disclosed the seven holes.“ VDOO released analysis report said.“ The three reported vulnerabilities put together by, you can allow a remote, unauthenticated attacker with network access to the camera login page without previous access to the camera or the camera credentials, and then complete control of the affected camera.”
Researchers recently published a each vulnerability’s technical details and the related conceptual proof of the PoC code for it.
After the researchers demonstrate, by a root sending a specially crafted request to the CVE-2018-10662 and bypass the authentication CVE-2018-10661, and then to inject arbitrary shell commands, CVE-2018-10660, you can use three vulnerabilities.
The following is the researchers test the steps of:
Step 1: attackers use to bypass authorization Vulnerability, CVE-2018-10661 send an unauthenticated HTTP request, the request arrives at the/bin/ssid. srv functions, the function processing. srv. Typically, only administrators can access this feature.
Step 2: attacker use an interface, the interface without any restrictions, allowed to send any dbus message to the device bus CVE-2018-10662, which is available from the/bin/ssid. srv access. Since/bin/ssid to run as root, so these dbus message is authorized to invoke the system most of the dbus service interface, otherwise it will be subject to strict authorization policies. The attacker can choose to send a dbus message to a called PolicyKitParhand the dbus service interface, which provides a set parhand parameters of the function. Then the attacker can control any device parhand parameter values.
Step 3: Using the shell command injection Vulnerability CVE-2018-10660 is. Some parhand parameters of the type“Shell-Mounted”in the configuration file to a shell variable assignment format the end, which will later be included in as root to run the service init script. Due to step 2, the attacker can send an unauthenticated request to set the parameters of the parameter value. By doing so, the attacker can now use special characters to set a value of the parameter to exploit this vulnerability, resulting in a command injection, so as root execute the command.
VDOO found other vulnerabilities can be unauthenticated attacker may be from the memory to obtain information in order to trigger the DoS condition.
! [](/Article/UploadPic/2018-6/20186221830256. jpg? www. myhack58. com)
Asix released a security Advisory, including all of the affected camera is the complete list as well as addresses the vulnerability of the firmware version. At the same time, as the IOT device Safety part of the study, VDOO researchers also in the Foscam camera found some vulnerabilities.