A Linksys Web camera is vulnerable to SetSource() boundary error. This vulnerability will disclose sensitive system information in plain text to an attacker.
As I was checking out my weekly e-mail from US-Cert, I came across Vulnerability Note VU#528993, which states:
"The Linksys WVC54GC wireless video camera insecurely sends initial configuration information over the network, which can allow a remote, unauthenticated attacker to intercept video streams, access wireless network authentication credentials, modify the device firmware, or cause a denial-of-service to the video camera."
The following image of the Linksys WVC54GC is courtesy of Linksys:
Most Linksys devices use port 916 UDP for remote management commands. This vulnerability allows an attacker to craft a packet and send it to the Web camera, and the Web camera will return sensitive system information to the attacker. The information that's sent back amounts to login credentials, wireless network connection information, including encryption keys and SSID, and normal system management information.Keys to the kingdom
If the attacker is successful in retrieving the configuration information, owning the network just became a whole lot easier. Depending on where the attacker is physically located, access may be possible via the Internet or Wi-Fi. To add insult to injury the attacker also has access to the Web camera and who knows how embarrassing that could be.Final thoughts
Please remember attackers always take the simplest approach to gain access to networks, and this attack vector is just that. The vulnerability applies to all Linksys WVC54GC cameras that are using firmware prior to version 1.25. It's advisable to update as soon as possible. Why take the chance when updating the firmware is simple to do. This is yet another reminder to make sure firmware on all networking devices is up to date, because this exploit may not be confined to the WVC54GC.
Need help keeping systems connected and running at high efficiency? Delivered Monday and Wednesday, TechRepublic's Network Administrator newsletter has the tips and tricks you need to better configure, support, and optimize your network. Automatically sign up today!