Short Name |
HTTP:MISC:WIFICAM-AUTH-BYPASS |
---|---|
Severity |
Minor |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Wireless IP Camera P2P WIFICAM Camera Authentication Bypass |
Release Date |
2017/10/24 |
Update Number |
3000 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Wireless IP Camera. Attackers could bypass security restrictions to gain unauthorized access to user accounts.
On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and an empty loginpas parameter in the URI.