Experts Warn of The Dangers of Using Baby Monitors

The SafetyDetectives research team has discovered a misconfiguration vulnerability in the baby monitors, the exploitation of which could potentially provide unauthorized access to the video stream of each camera. Numerous baby monitors using the RTSP protocol do not require authentication to connect third-party users.

The following devices can provide unauthorized access to their video stream if they are used as a baby monitor: Hipcam RealServer V1.0, H264DVR 1.0, webcamXP 5, Boa / 0.94. 14rc21. The problem affects users in countries around the world, including Argentina, Australia, Brazil, Canada, France, Germany, Israel, Italy, Japan, Netherlands, South Africa, South Korea, Spain, Switzerland, India, USA, UK, Vietnam etc.

Information security specialists were able to identify unprotected devices either by their "server header" or by a screen overlay with a detailed description of a particular brand. Server Header - A strip of information provided by RTSP that details many factors, including the type of device. Also, 4 main problems have been identified that can cause the baby monitor to become unprotected and therefore unsafe to use.

First of all, problems arise from devices designed for local networks that are streaming over the Internet. Many baby monitors are designed for use on local networks. Unfortunately, if an institution (like a kindergarten) has to stream from this type of device on the internet, and the connection is not password protected, nothing prevents anyone from accessing the cameras.

Also, some devices may be incorrectly configured for use outside the local network without proper authorization. In such cases, many users are unable to implement correct security procedures (such as password protection), resulting in the baby monitor allowing unauthorized access.

Various companies are known to have renamed their IP cameras as baby monitors. It is a common occurrence in e-commerce that a number of online retailers mistakenly advertise cameras as suitable for use as a baby monitor. In most cases, the original manufacturer did not intend to use their devices for such purposes.

According to the results of Shodan searches, experts identified more than 110 thousand open video streams, more than half of which are used as CCTV cameras in stores or outdoors.

Previous Post Next Post