.png)
3 hours ago
4 BOOK THIS SPACE FOR AD
ARTICLE AD
In a concerning trend, hackers are actively exploiting two zero-day vulnerabilities in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, commonly used across industrial, healthcare, business conferences, government, and courtroom settings. 💼🏥🏛️
Vulnerabilities CVE-2024–8956 and CVE-2024–8957 allow unauthorized access and command injection via the camera’s CGI-based API.
CVE-2024–8956: Weak authentication in the camera’s lighthttpd web server exposes sensitive information, including usernames and MD5 password hashes. 🔑CVE-2024–8957: Insufficient input sanitization allows attackers to execute remote commands, risking complete camera takeover and disruption of video feeds. 📡Exploitation of these flaws can lead to:
Complete control over the camera 🎥Bot infections 💻Pivoting attacks on other devices in the network 🌐Disruption of critical video feeds 📉GreyNoise has collaborated with VulnCheck for responsible disclosure. While PTZOptics released a security update, some older models have not received the necessary firmware updates, leaving them vulnerable. 🛠️
Users are urged to check with their device vendors for the latest firmware updates to mitigate risks associated with these vulnerabilities. Protect your networks and devices to prevent potential cyber-attacks. 🛡️
Stay informed about the latest cybersecurity threats and ensure your devices are secure! At Wire Tor, we specialize in cybersecurity solutions that keep your systems safe from vulnerabilities. 💪🔒
Bengali (Bangladesh) · 
English (United States) ·