Serious Segurity Bug in NC250
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Serious Segurity Bug in NC250
Hello
I contacted with a Techical support 2 Montch ago because I detect a serius Segurity Bug in The NC250 . the answer is very very bad. " We will correct the bug in the future" ... Never being clear.
Today I'm going to make the bug public
Descripcion:
This bug allow view the video and audio without Password or user if you has change the password.
Product Affected:
TP-LINK NC250 V1 and more models its possible
Firmware afected:
1.2.1 build 170515 or less (all version is affected)
Exploit the bug:
1º Conect to Local Network the camera (WIFI or ethernet)
2º Open VLC software in your computer connected to the Local Network and open network URL:
3º Write this rtsp://admin@yourip:554/h264_hd.sdp
4º and play
The system not check the password. Its the same change the password or no.
I contacted with a Techical support 2 Montch ago because I detect a serius Segurity Bug in The NC250 . the answer is very very bad. " We will correct the bug in the future" ... Never being clear.
Today I'm going to make the bug public
Descripcion:
This bug allow view the video and audio without Password or user if you has change the password.
Product Affected:
TP-LINK NC250 V1 and more models its possible
Firmware afected:
1.2.1 build 170515 or less (all version is affected)
Exploit the bug:
1º Conect to Local Network the camera (WIFI or ethernet)
2º Open VLC software in your computer connected to the Local Network and open network URL:
3º Write this rtsp://admin@yourip:554/h264_hd.sdp
4º and play
The system not check the password. Its the same change the password or no.
