The IZON surveillance camera sold in Apple Stores and Best Buy outlets is filled with security holes that enable a hacker to easily commandeer the device, a security researcher said.
In this case, the cameras were reportedly hard-coded with a default username/password for the administrator account. According to the researcher, accessing the camera with these credentials allowed full access to view video and change settings. It’s bad enough when brute-force or unknown vulnerabilities are exploited on a camera, but a hard-coded default login?? If accurate, that’s inexcusable.
Read the full article here.