It can be used to execute the RCE as root. (#cloud) **The vulnerabilities in the Cloud management affect a lot of P2P or "Cloud" cameras.** **My tests have shown that the InfoLeak affecting the GoAhead server running on the camera affects at least 1250+ camera models. The summary of the vulnerabilities is: 1. Because of code reusing, the vulnerabilities are present in a huge list of cameras (especially the InfoLeak and the RCE), **which allow to execute root commands against 1250+ camera models with a pre-auth vulnerability**. The HTTP interface is different for each vendor but shares the same vulnerabilities. So, cameras are sold under different names, brands and functions. Wireless IP Camera (P2) WIFICAM is one of the branded cameras.
#Wanscam aj c0wa c0d8 firmware software#
It seems that a generic camera is being sold by a Chinese company in bulk (OEM) and the buyer companies resell them with custom software development and specific branding. This camera is very similar to a lot of other Chinese cameras. !() # Vulnerabilities Summary The Wireless IP Camera (P2) WIFICAM is a camera overall badly designed with a lot of vulnerabilities. # Product Description The Wireless IP Camera (P2P) WIFICAM is a Chinese web camera which allows to stream remotely. A weak password recovery scheme totally undermines the effectiveness of a strong password scheme. An attacker can then try to log in into one of the victim's accounts, click on "forgot password" and there is a good chance that the security question there will be to provide mother's maiden name.
#Wanscam aj c0wa c0d8 firmware verification#
An attacker could for instance overhear a coworker talking to a bank representative at the work place and supplying their mother's maiden name for verification purposes. These generic security questions are also re-used across many applications, thus making them even more insecure. Unfortunately in many cases this information is not very hard to find, especially if the attacker knows the legitimate user. For instance, mother's maiden name tends to be a fairly popular one.
![wanscam aj-c0wa-c0d8 firmware wanscam aj-c0wa-c0d8 firmware](https://m.media-amazon.com/images/I/61hTMcGxsEL._AC_SX425_.jpg)
Most of them use only one security question. Generally password recovery schemes tend to be weak and insecure. An attacker may take advantage of the application feature to help users recover their forgotten passwords in order to gain access into the system with the same privileges as the original user.