Critical Vulnerability in Digital Video Recorders Exposes 400,000 Devices to Hackers

by Esmeralda McKenzie

Several Digital Video Recorder (DVR) devices have been identified with a critical security vulnerability, leaving over 408,000 units exposed to potential cyberattacks.

The flaw, primarily affecting models such as TVT DVR TD-2104TS-CL, TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM), and AVISION DVR AV108T, allows unauthorized access to sensitive device information due to inadequate access controls on the devices' web servers.

The vulnerability, classified under CWE-200: Information Exposure, can be exploited through a specific endpoint (/queryDevInfo).

This endpoint can be accessed without proper authentication, revealing detailed device information, including hardware and software versions, serial numbers, and network configurations, according to a report by Netsecfish.

Affected Devices and Software Versions

The vulnerability affects a wide range of DVR devices, with the following models and software versions being notably vulnerable:

Hardware Devices:

  • TVT DVR TD-2104TS-CL
  • TVT DVR TD-2108TS-HP
  • Provision-ISR DVR SH-4050A5-5L(MM)
  • AVISION DVR AV108

Software Versions:

  • 1.3.4.22966B181219.D00.U1(4A21S)
  • 1.3.4.24513B190218.D00.U1(8A21S)
  • 1.3.3.20657B180918.D06.U2(4A41T)
  • 1.3.4.24879B190222.D00.U2(8A21S)
  • 1.3.4.22966B181219.D14.U1(8A41T)
  • 1.3.4.22966B181219.D44.U1(16A82T)

Provision-ISR has acknowledged the issue, stating that it resulted from a collaborative effort with TVT. The company is currently working on mitigation measures to resolve the vulnerability.

Exploitation and Mitigation

Exploiting this vulnerability is fairly simple. Attackers can retrieve sensitive information by sending a crafted POST request to the vulnerable endpoint.

A sample exploitation command is as follows:

```bash
curl -X POST "http:///queryDevInfo" \
  -H "Accept-Language: en-US,en;q=0.9" \
  -H "Accept-Encoding: gzip, deflate" \
  -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" \
  -H "Upgrade-Insecure-Requests: 1" \
  -H "Connection: keep-alive" \
  -H "User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS like Mac OS X) AppleWebKit (KHTML, like Gecko) Version Mobile Safari" \
  -H "Content-Length: 103" \
  -d ''
```

Security experts urge affected device users to limit network access to the DVRs, apply available patches, and monitor for unusual activity. Manufacturers are urged to release firmware updates that address these security flaws promptly.

As the digital landscape evolves, ensuring robust security measures for IoT devices remains essential.

This incident underscores the critical need for manufacturers to prioritize security in their product designs and for users to remain vigilant against potential vulnerabilities.
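One way to act on the monitoring advice above, as an added example that is not from the original article or the Netsecfish report: flag requests to /queryDevInfo that arrive from outside a trusted management network. It assumes a reverse proxy or gateway in front of the DVRs that writes Common Log Format lines; the function names, the trusted subnet and the sample log lines are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Assumption: a reverse proxy or gateway in front of the DVRs writes
# Common Log Format lines; adjust the regex for your own log source.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
ENDPOINT = "/queryDevInfo"  # endpoint named in the article


def flag_querydevinfo(lines, trusted_nets):
    """Return (src, timestamp, method, status) for requests to ENDPOINT
    that come from outside the trusted management networks."""
    nets = [ipaddress.ip_network(n) for n in trusted_nets]
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not access-log records
        # Compare the path only: drop any query string, trailing slash, case.
        path = m["path"].split("?", 1)[0]
        if path.rstrip("/").lower() != ENDPOINT.lower():
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # hostname or malformed source field
        if any(src in n for n in nets):
            continue  # request from the management network
        hits.append((str(src), m["ts"], m["method"], int(m["status"])))
    return hits


def successful_sources(hits):
    """Count 2xx responses per source, i.e. requests that were answered."""
    return Counter(src for src, _, _, status in hits if 200 <= status < 300)


# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE = [
    '10.20.0.5 - - [01/Jan/2025:10:00:01 +0000] "POST /queryDevInfo HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2025:10:02:13 +0000] "POST /queryDevInfo HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2025:10:02:15 +0000] "GET /index.html HTTP/1.1" 200 1024',
    '198.51.100.9 - - [01/Jan/2025:10:05:40 +0000] "POST /queryDevInfo HTTP/1.1" 403 0',
]
```

Calling `flag_querydevinfo(SAMPLE, ["10.20.0.0/24"])` returns the two requests from outside the management subnet, and `successful_sources` narrows those to the sources that received a 2xx response.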

Source credit : cybersecuritynews.com

Related Posts