Geutebrück IP Security Cameras
Researchers at RandoriSec discovered several high-severity vulnerabilities in the firmware of the Geutebrück-made IP security cameras Geutebrück G-Cam/EFD-2250 version 220.127.116.11 and Topline TopFD-2125 version 3.15.1. According to an ICS-CERT Advisory, the vulnerabilities include improper authentication, improper access control, SQL injection, Cross-Site Request Forgery, Server-Side Request Forgery, and Cross-Site Scripting flaws that, if successfully exploited, could allow a threat actor to conduct proxy network scans, provide database access, download full configuration including passwords, conduct remote code execution, and add an unauthorized user to the system. Additionally, these vulnerabilities could be used by threat actors to gain control of devices and add them to a botnet. Researchers at RandoriSec suspect that these firmware vulnerabilities may exist in other popular IP-based security cameras from various vendors. The NJCCIC recommends users of the affected Geutebrück products review the ICS-CERT Advisory. G-Cam/EFD-2250 camera users are highly recommended to download and update to the newest firmware version 18.104.22.168 by registering for a new WebClub account or logging into an existing account here. We recommend Topline TopFC-2125 users implement the advised workaround provided here, and apply any patches should they become available. All users and administrators of IP-based cameras are encouraged to reduce their network exposure by ensuring their devices are not accessible via the internet, use VPNs for remote access, enable two-factor authentication where available, and always keep devices updated.