Home page logo

bugtraq logo Bugtraq mailing list archives

Everfocus EDR1600 remote authentication bypass
From: Andrea Fabrizi <andrea.fabrizi () gmail com>
Date: Thu, 22 Oct 2009 11:50:50 +0200

Product: Everfocus EDR1600
Version affected: all
Website: http://www.everfocus.com/
Discovered By: Andrea Fabrizi
Email: andrea.fabrizi () gmail com
Web: http://www.andreafabrizi.it
Vuln: remote DVR authentication bypass

The EDR1600 firmware don't handle correctly users authentication and sessions.

This exploit let you to connect to every remote DVR (without username
and password) and see the live cams :)

Exploit: http://www.andreafabrizi.it/files/EverFocus_edr1600_Exploit.tar.gz

  By Date           By Thread  

Current thread:
  • Everfocus EDR1600 remote authentication bypass Andrea Fabrizi (Oct 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]