Security researchers can access and modify security footage from Nuuo surveillance systems

#1

Originally published at: https://boingboing.net/2018/09/18/nuuo-peekaboo.html

3 Likes
#2

That link to the “tool” just goes to a description of the vulnerability with a warning to upgrade NUUO NVRMini2 or get new software from the OEM. I didn’t find a tool described there that you can run to see if your NVR is vulnerable.

The links to the NIST CVE records don’t actually link to anything. The Tenable Research Advisory is kind of interesting.

#3

Is there a good open source security / video management software? This story is just one of many of the same “internet of shit” stories that will become more and more common.

1 Like
#4

Same here- I’ve been looking at new IP cameras for [RedactedCo], and it looks like the UI on every single one of them is the same damned thing.

And the only reason I’m looking for new IP cameras in the first place is the currently installed ones are a) no longer supported by the company that branded them; b) require Internet Exploiter 6 (!!!) and breaking ActiveX permissions in order to use them; and c) have more holes than a cheerios plant, security wise.

#5

I have tried iSpy. It is open source but suffers from feature bloat that makes it hard to configure and a little unstable. I uninstalled it in favor of the simple stock app that comes with my cameras.

iSpy: Open Source Camera Security Software

closed #6

This topic was automatically closed after 5 days. New replies are no longer allowed.