4 matches found
Which? Magazine recommends vulnerable smart home camera
You’ll already know that we have a keen interest in smart home camera security. Our recent work on Swann and FLIR cameras showed how it could be trivially easy to spy on people through their security cameras. Which? Magazine has a well-earned reputation for providing product reviews for consumers...
Samsung SmartThings Hub video-core clips Code Execution Vulnerability
Summary Multiple exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core’s HTTP server of Samsung SmartThings Hub. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An...
Samsung SmartThings Hub video-core REST Request Parser HTTP Pipelining Injection Vulnerabilities
Summary Multiple exploitable vulnerabilities exist in the REST parser of video-core’s HTTP server of the Samsung SmartThings Hub. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, URL and body. An...
Samsung Smartcam Remote Command Execution Vulnerability
Samsung Smartcam is Samsung's smart webcam. A remote command execution vulnerability exists in Samsung Smartcam. Due to improperly cleared iWatch firmware upgrade filename, a remote attacker can exploit the vulnerability to remotely execute commands by constructing a special request to inject...