Release date:
Updated on:
Affected Systems:
Stem Innovation horizon 2.0.2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 63388
CVE (CAN) ID: CVE-2013-6236
Horizon is a Network Camera product produced by Stem Innovation.
In its Linux release version and in its Web application, Horizon uses multiple hard-coded creden。. In addition, it uses Web interface creden。 to access the camera data stream and configuration details, including third-party API keys.
<* Source: Mark Stanislav
Link: http://seclists.org/bugtraq/2013/Oct/149
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Stem Innovation
---------------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://steminnovation.com/izon
Refer:
Https://blog.duosecurity.com/2013/10/izon-ip-camera-hardcoded-passwords-and-unencrypted-data-abound/
Https://securityledger.com/2013/10/apple-store-favorite-izon-cameras-riddled-with-security-holes/
Http://cve.mitre.org/cgi-bin/cvename.cgi? Name = CVE-2013-6236