CVE-2017-3186

Description

ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random default credentials across all devices. A remote attacker can take complete control of a device using default admin credentials.

Affected products

• ACTi Corporation / ACTi D, B, I, and E series camerasA1D-500-V6.11.31-AC – A1D-500-V6.11.31-AC

References

• MISChttps://twitter.com/hack3rsca/status/839599437907386368
• MISChttp://www.securityfocus.com/bid/96720/info
• MISChttps://twitter.com/Hfuhs/status/839252357221330944
• MISChttps://www.kb.cert.org/vuls/id/355151