Serious Segurity Bug in NC250

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Serious Segurity Bug in NC250

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Serious Segurity Bug in NC250
Serious Segurity Bug in NC250
2017-07-02 21:14:06
Model :

Hardware Version :

Firmware Version :

ISP :


I contacted with a Techical support 2 Montch ago because I detect a serius Segurity Bug in The NC250 . the answer is very very bad. " We will correct the bug in the future" ... Never being clear.

Today I'm going to make the bug public

Descripcion:

This bug allow view the video and audio without Password or user if you has change the password.

Product Affected:

TP-LINK NC250 and more models its possible

Firmware afected:

1.2.1 build 170515 or less (all version is affected)

Exploit the bug:

1º Conect to Local Network the camera (WIFI or ethernet)
2º Open VLC software in your computer connected to the Local Network and open network URL:
3º Write this rtsp://admin@yourip:554/h264_hd.sdp
4º and play

The system not check the password. Its the same change the password or no.
  0      
  0      
#1
Options