sb-nz logo
Story image

D-Link security cams vulnerable to spying

06 May 2019

Security researchers at ESET have discovered serious security holes in the D-Link DCS-2132L cloud camera, which could allow attackers to connect directly into video streams and manipulate the device’s firmware. Some of the affected cameras are located in Australia and New Zealand.

“The most serious issue with the D-Link DCS-2132L cloud camera is the unencrypted transmission of the video stream. It runs unencrypted over both connections – between the camera and the cloud and between the cloud and the client-side viewer app – providing fertile ground for man-in-the-middle (MitM) attacks and allowing intruders to spy on victims’ video streams,” explain the researchers.

The problem lies in the way the camera and viewer app communicate. They use a proxy server on port 2048, using a TCP tunnel. However only some of the traffic that runs through this tunnel is encrypted. 

This means sensitive information such as camera MAC addresses and IP addresses, video and audio streams, and camera information are sent without encryption. Attackers can easily find this unencrypted information and gain access to the device.

“D-Link DCS-2132L also had a few other minor, yet still concerning, issues. It can set port forwarding to itself on a home router, by using Universal Plug and Play (UPnP). This exposes its HTTP interface on port 80 to the internet and can happen without the user’s consent even with the ‘Enable UPnP presentation’ or ‘Enable UPnP port forwarding’ fields in the settings unchecked,” researchers write.

Researchers expressed concern about the ‘mydlink services’ web browser plugin in the camera, which allows live video playback through a browser. It also uses tunnelling to send and receive traffic. Attackers can also use this to change the camera’s firmware to a version that may be riddled with backdoors or malware.

“At the time of writing, issues with the “mydlink services” plug-in have been successfully fixed by the manufacturer,” they write.

“However, the malicious firmware replacement is still possible via vulnerabilities in the custom D-Link tunneling protocol described earlier.”

“At the time of writing the most recent version of firmware available for download was from November 2016 and did not address the vulnerabilities allowing malicious replacement of the camera’s firmware, as well as interception of audio and video streams.”

The D-Link DCS-2132L camera is still on the market. ESET advises owners to check that port 80 is not exposed to public internet.

“Reconsider the use of remote access if the camera is monitoring highly sensitive areas of their household or company,” researchers conclude.

Story image
Are you ready for a more privacy-focused New Zealand?
New Zealand’s new Privacy Act is now in effect, and there are significant changes that affect every organisation that operates in New Zealand.More
Story image
DevSecOps increasingly important, but APAC organisations lagging behind
The rise of DevSecOps comes at a time when IT leaders are faced with an increasingly active cyber threat landscape, coupled with higher consumer expectations of digital offerings and application usage due to a sharp increase in online activities.More
Story image
Trend Micro launches cloud native security solution for modern applications and APIs
“Application security is an invaluable part of the Cloud One platform, integrating technology to provide superior protection for customers deploying applications wherever it makes the most sense for them."More
Story image
NetMotion announces SASE platform leveraging Microsoft Azure
The platform offers integrated transport and web proxies, distributed firewalls, network access control (NAC), zero trust network access (ZTNA) or software-defined perimeters (SDP), a VPN highly optimised for mobile access, and AI-driven policy and risk analysis.More
Story image
How a vantage point sees threats before they impact
When the focus has been on adversaries that develop increasingly complex and sophisticated attacks, tried and true techniques such as compromised credentials continue to be amongst the most potent weapons.More
Story image
emt Distribution brings Netsparker security solutions to A/NZ and APAC market
emt Distribution has announced it will bring enterprise-level Netsparker dynamic application security testing solution to Australia, New Zealand and APAC businesses.More