Actively Exploited in the Wild
This vulnerability is being actively exploited in the wild.
PLANEX CS-QP50F-ING2 Remote Configuration Disclosure Vulnerability
Vulnerability
A remote configuration disclosure vulnerability exists in PLANEX CS-QP50F-ING2 smart cameras. The vulnerability arises from a backup interface exposed over HTTP that lacks authentication. This allows remote, unauthenticated attackers to retrieve a compressed configuration backup file directly from the device. The backup file contains sensitive information, including credentials, which could be used to gain administrative access to the camera, thereby compromising the confidentiality of the monitored environment.
Impact
Exploitation of this vulnerability allows for unauthorized access to the camera's configuration, including sensitive credentials, potentially leading to administrative access and a breach of privacy in monitored areas.
Reproduction
The vulnerability can be reproduced by sending an HTTP GET request to the camera's backup interface. This request can be made using a web browser or a tool like curl. The response will include the compressed configuration backup file, which can be extracted to reveal sensitive information such as usernames and passwords.
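A defender-side check for the access pattern described above, added here as an example that is not part of the original advisory: it scans reverse-proxy access logs for unauthenticated GET requests that successfully fetched the backup from outside the management network, then flags a later authenticated session from the same source. The backup path (a placeholder, since the advisory does not give it), the management subnet, the log layout and the sample lines are all assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Assumptions (not from the advisory): placeholder backup path, management
# subnet, and the access-log layout of a reverse proxy in front of the cameras.
BACKUP_PATH = "/BACKUP-PATH-PLACEHOLDER"
MGMT_NET = ip_network("10.0.50.0/24")
WINDOW = timedelta(hours=24)

LINE = re.compile(
    r'(?P<src>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

# Constructed sample log lines (documentation and private IP ranges).
SAMPLE_LOG = """\
10.0.50.7 - admin [12/Mar/2025:09:00:01 +0000] "GET /BACKUP-PATH-PLACEHOLDER HTTP/1.1" 200 4096
203.0.113.9 - - [12/Mar/2025:09:14:22 +0000] "GET /BACKUP-PATH-PLACEHOLDER HTTP/1.1" 200 4096
203.0.113.9 - admin [12/Mar/2025:09:20:10 +0000] "GET /index.html HTTP/1.1" 200 812
198.51.100.4 - - [12/Mar/2025:10:02:00 +0000] "GET /BACKUP-PATH-PLACEHOLDER HTTP/1.1" 401 0
"""

def find_alerts(log_text):
    """Return (alert, source) pairs for unauthenticated backup downloads."""
    pulls = {}   # source -> time of its first unauthenticated backup download
    alerts = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        src, user = m["src"], m["user"]
        external = ip_address(src) not in MGMT_NET
        if (m["method"] == "GET" and m["path"].split("?")[0] == BACKUP_PATH
                and m["status"] == "200" and user == "-" and external):
            pulls.setdefault(src, ts)
            alerts.append(("backup-download", src))
        elif (user != "-" and m["status"] == "200" and src in pulls
                and ts - pulls[src] <= WINDOW):
            # Authenticated session from a source that already pulled the
            # backup: credentials stored in it may be in use, so rotate them.
            alerts.append(("credential-reuse", src))
    return alerts

if __name__ == "__main__":
    for alert, src in find_alerts(SAMPLE_LOG):
        print(alert, src)
```

A `credential-reuse` hit means the camera's credentials should be treated as disclosed and changed, not only that the backup interface should be blocked.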
