Developers: D-Link
Branches: Information technologies, Electrical equipment and microelectronics
Technology: Office equipment, Video surveillance systems
2019: Vulnerabilities in D-Link DCS-2132L cameras are not fully fixed
Cybersecurity experts advise users to stop using the remote access feature, for the time being, on D-Link DCS-2132L cameras installed in especially sensitive areas of a home or company. The reason is the existence of vulnerabilities that allow an attacker to intercept the video stream and modify the device firmware. This became known on May 6, 2019.
Security problems in the D-Link DCS-2132L were discovered in 2018 by specialists at ESET. The most dangerous of them creates all the conditions needed for a man-in-the-middle attack. The vulnerability exists because the video stream is not encrypted in transit from the camera to the D-Link cloud service, or from the cloud service to the end user.
The second problem affects the MyDlink services browser plug-in, which lets users view the video stream without opening the application. Using this vulnerability, an attacker can replace the device's legitimate firmware with a malicious one. However, the attack is quite difficult to carry out.
Additional vulnerabilities were also found in the Universal Plug and Play (UPnP) protocol set used by the camera. Universal Plug and Play opens port 80 on home routers, making the HTTP interface available to attackers who scan the Internet for open ports.
The manufacturer released fixes for some of the vulnerabilities, but they are incomplete. Testing by ESET researchers showed that the vulnerability in the MyDlink services plug-in was fixed completely, while the others remain unfixed. As a precaution, users are advised to close port 80 on their routers to the Internet and to limit use of the remote access feature[1].
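To act on the port 80 recommendation and the UPnP behaviour described above, an owner can audit the port mappings their own router has accepted. The following is an added example, not code from ESET or D-Link: it parses a listing in the layout printed by the miniupnpc client's `upnpc -l` command and flags TCP mappings that publish port 80. The sample listing, addresses and descriptions are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the layout printed by miniupnpc's `upnpc -l`:
# index, protocol, external port -> LAN host:port, description, remote host, lease.
SAMPLE_LISTING = """\
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 TCP    80->192.168.0.20:80    'DCS-2132L' '' 0
 1 UDP 51413->192.168.0.5:51413 'Transmission at 51413' '' 0
 2 TCP  8080->192.168.0.20:80    'camera web' '' 3600
 3 TCP 32400->192.168.0.7:32400 'media server' '' 0
"""

MAPPING_RE = re.compile(
    r"^\s*(?P<index>\d+)\s+(?P<proto>TCP|UDP)\s+(?P<ext_port>\d+)->"
    r"(?P<int_host>[\d.]+):(?P<int_port>\d+)\s+'(?P<desc>[^']*)'"
)

def parse_mappings(listing):
    """Return one dict per port-mapping line; the header and other lines are skipped."""
    mappings = []
    for line in listing.splitlines():
        m = MAPPING_RE.match(line)
        if m:
            entry = m.groupdict()
            for key in ("index", "ext_port", "int_port"):
                entry[key] = int(entry[key])
            mappings.append(entry)
    return mappings

def exposed_http(mappings, camera_hosts=()):
    """Flag TCP mappings that publish a LAN device's port 80, or external port 80.
    If camera_hosts is given, only mappings to those LAN addresses are reported."""
    findings = []
    for m in mappings:
        if m["proto"] != "TCP":
            continue
        if m["int_port"] != 80 and m["ext_port"] != 80:
            continue
        if camera_hosts and m["int_host"] not in camera_hosts:
            continue
        findings.append(m)
    return findings

if __name__ == "__main__":
    for f in exposed_http(parse_mappings(SAMPLE_LISTING)):
        print(f"remove mapping {f['ext_port']}/tcp -> {f['int_host']}:{f['int_port']} ({f['desc']})")
```

The second constructed entry shows why the check looks at the internal port as well: a mapping on external port 8080 still publishes the camera's HTTP interface.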