Security vulnerability in IoT cameras could allow remote control by hackers

More Internet of Things security holes found in one of the most common forms of internet-connected cameras.
Written by Danny Palmer, Senior Writer

Video: Rapid IoT growth creates security headache - and the solution may be up to you

Newly uncovered vulnerabilities in a popular brand of indoor internet-connected cameras could be exploited by attackers in order to gain complete control of the device.

Security issues with the Foscam C1 Indoor HD Camera could allow hackers to remotely access the device, according to researchers.

The Foscam C1 camera is a commonly used home-monitoring devices and is sold by a number of large technology retailers. Based in China, ShenZhen Foscam Intelligent Technology Co describes its offerings as the 'leading IP video camera' and says the products exist to 'to make life more secure for people all around the world'.

But researchers at Cisco Talos have discovered vulnerabilities in the camera which could remotely put it in the hands of hands of hackers. The latest vulnerabilities the Foscam C1 are separate to previously disclosed issues which could be used to compromise the device.

Issues have been discovered in the webService DDNS client code execution, firmware upgrades, softAP configuration, device-to-device communications, along with several buffer overflow vulnerabilities.

"These vulnerabilities could be leveraged by an attacker to achieve remote code execution on affected devices, as well as upload rogue firmware images to the devices, which could result in an attacker being able to completely take control of the devices," said Talos.

Foscam cameras with Dynamic DNS (DDNS) enabled are sensitive to buffer overflow vulnerabilities, which could be exploited by attackers via the use of a rogue HTTP server in order to write new responses to boot up commands, allowing for remote control of the device.

Researchers also found the Foscam C1 HD Indoor camera's firmware upgrades could be compromised via the web management interface present on the device. They were found to lack sufficient verification of firmware images provided by users, a loophole which could be exploited by attackers to upload and execute custom firmware on devices.

See also: Your forgotten IoT gadgets will leave a disastrous, toxic legacy

A vulnerability also exists in the web management interface which if exploited, can enable a specifically crafted HTTP request to inject arbitrary shell characters during SoftAP configuration which results in command injections which can be abused by the attacker.

Furthermore, researchers found device-to-device communications could be maliciously abused by attackers via the use of a buffer overflow condition, allowing unauthenticated remote commands to be issued, potentially again resulting in compromise of the device.

Foscam Indoor IP Camera C1 Series models running system firmware version, Application Firmware Version or Plug-In Version: are all susceptible to the vulnerabilities.

"In many cases these devices may be deployed in sensitive locations. They are marketed for use in security monitoring and many use these devices to monitor their homes, children, and pets remotely" wrote Talos researchers.

Cisco has already informed Foscam of the vulnerabilities and the camera manufacturer has released a firmware update to resolve the issue.

"Users of the affected devices should update to this new version as quickly as is operationally feasible to ensure that their devices are not vulnerable," said researchers, who also warn that IoT devices should be kept up-to-date to ensure the highest level of security possible.

The Foscam C1 IP camera vulnerabilities are the latest in a line of security issues uncovered in popular IoT devices. Other brands of IoT cameras have regularly been found to contain vulnerabilities, while everything from IoT connected children's toys to large sailing vessels have been discovered to lack the most basic cyber security.

Updated: In an email to ZDNet, a Foscam spokesperson said its security team which works "to fix confirmed securities holes accordingly".

"Foscam always attach great importance to product security. We will continue to strengthen our efforts and increase our investment in improving product security and make our products more stable and reliable for our users," they added.


Editorial standards