| Many Hikvision IP cameras contain a backdoor that allows unauthenticated impersonation of any configured user account. In addition to Hikvision-branded devices, it affects many white-labeled camera products sold under a variety of brand names. Hundreds of thousands of vulnerable devices are still exposed to the Internet at the time of publishing. In addition to gaining full administrative access, the vulnerability can be used to retrieve plain-text passwords for all configured users. |
