Flaw Allows Hackers to Hijack Foscam Baby Monitors and Surveillance Cameras

Foscam FI8904W Outdoor Wireless IP Camera is among the impacted devices

Experts warn that hackers can remotely hijack certain Foscam IP surveillance cameras and baby monitors by exploiting a vulnerability in their software.

Posts on the Chinese company’s support forum reveal that the web interfaces of certain cameras can be easily accessed. Normally, a username and a password are required, but users can access the interface simply by pressing the OK button when prompted to enter credentials.

According to Brian Krebs, MJPEG devices running firmware version .54 are impacted. The list includes FI8904W, FI8905W, FI8909W, FI8906W, FI8907W, FI8905E, FI8910E, FI8916W, FI8918W, FI8910W and FI8919W.

Foscam has promised to roll out an update to address the issue by the end of this week. In the meantime, Don Kennedy, one of the members of the Foscam support forum who has been involved in diagnosing and reporting the vulnerability, has published a workaround.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s