Comment by joshstrange
2 years ago
Correct me if I’m wrong but that appears to apply to the cameras themselves which are not on my network. They plug directly into the NVR (which provides PoE) and are not exposed to the network at large.
2 years ago
Correct me if I’m wrong but that appears to apply to the cameras themselves which are not on my network. They plug directly into the NVR (which provides PoE) and are not exposed to the network at large.
Why do you assume the NVR is free from hardcoded creds?
Because it’s not listed in the list of affected devices. Also if that’s a concern then don’t expose the NVR. Use something like tailscale or a VPN to access it remotely (or don’t access it remotely).
Yeah but now everyone in your wifi range with commonly available hardware has access to your NVR and by extension your cameras.
And actually if any of your network machines or devices are breached, the attackers now have NVR/cam access.
4 replies →