CVE-2021-31793

An issue exists on NightOwl WDB-20-V2 WDB-20-V220190314 devices that allows an unauthenticated user to gain access to snapshots and video streams from the doorbell. The binary app offers a web server on port 80 that allows an unauthenticated user to take a snapshot from the doorbell camera via th...

EUVD-2021-18674

Malware in sbrugna...

Ring shares data with police without consent (but it’s in good faith), says Amazon

Ring, the Amazon-owned company behind the popular smart doorbells, has admitted to giving doorbell data to law enforcement willy-nilly. All they have to do is fill out a form called the Amazon Law Enforcement Request Tracker—no need to ask for the data owners consent, give a warrant or court orde...

CVE-2021-31793

An issue exists on NightOwl WDB-20-V2 WDB-20-V220190314 devices that allows an unauthenticated user to gain access to snapshots and video streams from the doorbell. The binary app offers a web server on port 80 that allows an unauthenticated user to take a snapshot from the doorbell camera via th...

Code injection

An issue exists on NightOwl WDB-20-V2 WDB-20-V220190314 devices that allows an unauthenticated user to gain access to snapshots and video streams from the doorbell. The binary app offers a web server on port 80 that allows an unauthenticated user to take a snapshot from the doorbell camera via th...

CVE-2021-31793

The connected Red Hat and NVD records confirm CVE-2021-31793 affects NightOwl WDB-20-V2 devices (model: WDB-20-V2_20190314). A web server on port 80 can be accessed by unauthenticated users, enabling retrieval of snapshots and video streams via the /snapshot URI. The issue is described as an unau...

Night Owl WDB-20-V2 访问控制错误漏洞

Night Owl WDB-20-V2 is a webcam from Night Owl UK. A security vulnerability exists in the NightOwl WDB-20-V2 WDB-20-V2 20190314 device that allows an unauthenticated user to obtain a snapshot from the doorbell camera via the snapshot URI...

Warning Issued Over Hackable ADT's LifeShield Home Security Cameras

Newly discovered security vulnerabilities in ADT's Blue formerly LifeShield home security cameras could have been exploited to hijack both audio and video streams. The vulnerabilities tracked as CVE-2020-8101 were identified in the video doorbell camera by Bitdefender researchers in February 2020...

HaXmas Hardware Hacking

Usually, when you read an IoT hacking report or blog post, it ends with something along the lines of, "and that's how I got root," or "and there was a secret backdoor credential," or "and every device in the field uses the same S3 bucket with no authentication." You know, something bad, and the...