Overview
Digital Video Recorders (DVRs), security cameras, and possibly other devices from multiple vendors use a firmware derived from Zhuhai RaySharp that contains a hard-coded root password.
Description
CWE-259: Use of Hard-coded Password - CVE-2015-8286 According to the reporter, DVR devices based on the Zhuhai RaySharp firmware contain a hard-coded root password. Remote attackers with knowledge of the password may gain root access to the device. |
Impact
An unauthenticated remote attacker may gain root access to the device. |
Solution
Apply an update if possible |
Restrict network access |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 10 | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Temporal | 8.5 | E:POC/RL:U/RC:UR |
| Environmental | 6.4 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
References
- https://www.riskbasedsecurity.com/research/RBS-2016-001.pdf
- http://www.forbes.com/sites/andygreenberg/2013/01/28/more-than-a-dozen-brands-of-security-camera-systems-vulnerable-to-hacker-hijacking/
- http://seclists.org/bugtraq/2015/Jun/117
- http://console-cowboys.blogspot.com/2013/01/swann-song-dvr-insecurity.html
Acknowledgements
Thanks to Carsten Eiram of Risk Based Security for reporting these vulnerabilities.
This document was written by Garret Wassermann.
Other Information
| CVE IDs: | CVE-2015-8286 |
| Date Public: | 2016-02-17 |
| Date First Published: | 2016-02-17 |
| Date Last Updated: | 2016-02-19 19:49 UTC |
| Document Revision: | 71 |