Unauthorized FLIR (Lorex) Cloud Access

mblindsey

I didn't see this link posted here yet, so thought I'd share. This blog post at the link below is a great write-up on gaining unauthorized access to video from a FLIR cloud-connected DVR. Good stuff.

--Michael

Link: Unauthorized FLIR (Lorex) Cloud Access

TL;DR from the article:
"
  1. I got a new FLIR/Lorex DVR in hopes of viewing it through the FLIR cloud without exposing it to the internet.
  2. The device I received was a Dahua-manufactured DVR.
  3. I found a flaw in the FLIR Cloud that allows anyone build a tunnel to any port on any FLIR Cloud-connected DVR, so long as they have the device ID.
  4. I found device IDs on the internet, picked one, tunneled into it, and was able to gain unauthorized access by exploiting a known Dahua issue. These devices support a maximum of 6 character passwords.
  5. You should care because an attacker who has guessed or happened to view your device ID can build tunnels into your private network to attack weaknesses in your DVR's various interfaces.
"