It is currently 20-10-2017 01:03

The DVR AVer Information EH6108H+ discovered three unpatched vulnerabilities

The DVR AVer Information EH6108H+ discovered three unpatched vulnerabilities

by sigismund » 2016-09-15 11:13:17


In the case of infection with malware, the device can become part of a botnet used for DDoS attacks.


A group of computer emergency response (US-CERT) has warned companies around the world about three unpatched vulnerabilities in the firmware of the DVR AVer Information EH6108H+ allows attackers to gain control over the device.

According to the description on the official website of the product, AVer Information EH6108H+ is a hybrid DVR with the function of controlling IP-cameras, designed for broadcast and recording videos. The device is used with IP and CCTV cameras and allows you to broadcast video over the Internet or stored locally. According to experts US-CERT, the problem can occur when the DVR is connected to the Network, since in this case the attacker several ways to access its control panel.

CVE-2016-6535 is a two backdoor accounts with root privileges and immutable credentials. Passwords are sewn into the firmware, and delete or deactivate them is impossible. An attacker that knows the IP address of the DVR, can connect to it via Telnet.

CVE-2016-6536 allows you to bypass the authentication mechanism. An attacker can access the configuration panel on the page [device_IP]/setup and choose the value of the parameter "handle" that will enable him to access the admin panel without entering the appropriate credentials. CVE-2016-6537 exists due to errors when processing user credentials in the course of various operations and enables you to reveal information.

In recent months, increasingly began to appear about botnet, consisting of devices "Internet of things" and used for DDoS attacks. For example, recently it became known about the Troyan Mirai infecting the device "Internet of things", mainly DVRs with firmware based on Linux. Infected with malware the system included in part of a large botnet used for DDoS attacks. In addition, more than 1 million web-cameras and DVRs consumer-grade are BASHLITE part of a botnet used by cyber criminals for the same purpose.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5