exploit-db-mirror/exploits/hardware/remote/44048.md
Offensive Security 36c084c351 DB: 2021-09-03
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

1.7 KiB
Raw Permalink Blame History

Vulnerabilities Summary

The following advisory describes three (3) vulnerabilities found in Ichano IP Cameras.

AtHome Camera is “a remote video surveillance app which turns your personal computer, smart TV/set-top box, smart phone, and tablet into a professional video monitoring system in a minute.”

The vulnerabilities found are:

Hard-coded username and password telnet Hard-coded username and password Web server Unauthenticated Remote Code Execution

Credit

An independent security researcher, Tim Carrington, has reported this vulnerability to Beyond Securitys SecuriTeam Secure Disclosure program.

Vendor response

We tried to contact Ichano since November 21st 2017, repeated attempts to establish contact went unanswered. At this time there is no solution or workaround for these vulnerabilities.

CVE: CVE-2017-17761

Vulnerabilities details

Hard-coded username and password telnet The device runs a telnet server at startup with a default password of 123.

Hard-coded username and password Web server In /app/www/doc/script/login.js, in the function DoLogin(), client side validation is used to login a user:

if($("#UserName").val()=="super_yg"){jumpPage();return}

A user can login with these credentials and can then take control of the device over http:

Unauthenticated Remote Code Execution The device runs “noodles” binary a service on port 1300 that allows a remote (LAN) unauthenticated user to run arbitrary commands.

The binary has a set of commands he can run if a user will use the following “protocol”, command to be run is enclosed like html tags, i.e. id, a successful execution results in <system_ack>ok</system_ack>.