AVTECH IP Camera
cpe:2.3:h:avtech:avn801_dvr:*:*:*:*:*:*:*
A cross-site request forgery (CSRF) vulnerability has been identified in the web interface of AVTECH IP cameras, DVRs, and NVRs. This vulnerability allows attackers to send malicious requests that, when executed in the context of an authenticated user's browser session, can make unauthorized changes to the device's configuration without any user interaction. The vulnerability exists because the web interface lacks proper CSRF protection, enabling attackers to exploit valid user sessions or, in some cases, default admin credentials.
Exploitation of this vulnerability could lead to unauthorized modifications of the device's settings, potentially allowing for more severe actions such as command injection or authentication bypass, as demonstrated in related vulnerabilities.
The vulnerability can be reproduced by sending a request to the device's web interface that includes the necessary parameters to change the device's configuration. This can be done by exploiting a valid user session, or by using default admin credentials if the user has not changed the password.
Users are advised to change the default admin password and avoid exposing the web interface to the internet. AVTECH has released firmware updates for some vulnerabilities, but it's unclear if this specific issue has been addressed.
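Because it is unclear whether a firmware fix exists, one compensating check is to look in forward-proxy or web-gateway logs for requests to the device that were triggered from a page on another host. The following is an added example, not code from AVTECH or from the original advisory; the device address `192.0.2.10`, the record fields and the placeholder path are assumptions, and the sample records are constructed.

```python
from urllib.parse import urlsplit

# Assumption: address of the camera/DVR web interface (documentation range).
DEVICE_HOSTS = {"192.0.2.10"}

def _host(value):
    """Lower-cased hostname of a URL or Origin value, or None if absent or opaque."""
    if not value or value == "null":
        return None
    hostname = urlsplit(value).hostname
    return hostname.lower() if hostname else None

def classify(url, origin=None, referer=None):
    """Label one logged request by where the browser says it came from."""
    target = _host(url)
    if target not in DEVICE_HOSTS:
        return "not-device"
    if origin == "null":
        return "cross-site"   # opaque origin, e.g. a sandboxed frame
    source = _host(origin) or _host(referer)
    if source is None:
        return "no-source"    # typed URL, bookmark, or headers stripped: review manually
    return "same-host" if source == target else "cross-site"

def flag_cross_site(records):
    """Return the records that hit the device from a page on a different host."""
    return [r for r in records
            if classify(r["url"], r.get("origin"), r.get("referer")) == "cross-site"]

# Constructed records, not captured traffic. The path is a placeholder.
DEVICE_URL = "http://192.0.2.10/PLACEHOLDER-config-path?x=1"
SAMPLE = [
    {"id": 1, "url": DEVICE_URL, "referer": "http://192.0.2.10/index.html"},
    {"id": 2, "url": DEVICE_URL, "referer": "http://forum.example.test/thread/42"},
    {"id": 3, "url": DEVICE_URL, "origin": "null"},
    {"id": 4, "url": DEVICE_URL},
    {"id": 5, "url": "http://intranet.example.test/", "referer": "http://forum.example.test/"},
]

if __name__ == "__main__":
    for rec in SAMPLE:
        print(rec["id"], classify(rec["url"], rec.get("origin"), rec.get("referer")))
```

Records labelled `cross-site` are the ones to investigate; `no-source` records cannot be attributed from headers alone.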