Misconfigured Baby Monitors Allow Unauthorized Viewing

2021-02-16 16:50

A vulnerability affecting multiple baby monitors could allow someone to drop in and view a camera's video stream, according to researchers.

"A server header is a strip of information provided with RTSP that details numerous factors, including the device type. The server header gives us evidence of which devices provide unauthorized access."

"Around 10 percent of these cameras are used for viewing house interiors, like living rooms or hallways. Most of the remaining cameras are baby monitors, being used to check up on children, or as cameras in child daycare centers, or retirement homes."

If a parent uses these cameras to view their video streams from outside of the home, these devices can quite easily become misconfigured, allowing unauthorized access without the owners realizing it.

If the device does not allow users to set a password, avoid exposing it to the internet altogether.

Research each device thoroughly before buying, to make sure it's a legitimate baby monitor and not a repackaged Wi-Fi webcam.

News URL

https://threatpost.com/baby-monitors-unauthorized-viewing/163982/