Man-in-the-Middle vulnerabilities in D-Link cameras

[silversurfer]

A series of vulnerabilities in the D-Link DCS-2132L cloud camera allow attackers to remotely tap into the video streams of the devices and also manipulate the device’s firmware.
 
The vulnerabilities included unencrypted cloud communication, insufficient cloud message authentication and unencrypted LAN communication, according to a May 2, 2019 ESET blog post. 
 
A threat actor can intercept video and audio feeds in a man-in-the-middle (MitM) attack by intercepting network traffic between the viewer app and the cloud or between the cloud and the camera because the transmission of the streams between the camera and the cloud and between the cloud and the client-side viewer app are unencrypted.
 
The flaw can be traced back to a condition within the request.c file, part of the D-Link customized open source boa web server source code, that handles HTTP requests to the camera. All of the HTTP request from 27.0.0.1 are elevated to the admin level, granting a potential attacker full access to the device, researchers found. 
 
Researchers also spotted issues in the device’s “mydlink services” web browser plug-in which allows any application or user on the client’s computer to simply access the camera’s web interface by a simple request without any authorization. 

SOURCE: https://www.scmagazine.com/home/security...-firmware/

[Deep900]

The serious issue there is that the flaw allow the attackers and malcoders to have high privileges and get access easily to D-Link devices. It seems some vulnerabilities of mydlink servives plugin were fixed. Thanks for posting this silver