02-06-2021 , 11:19 PM
Walmart and Amazon are continuing to sell faulty smart doorbells and cameras filled with vulnerabilities that could expose customers’ sensitive information, according to research published Thursday.
The vulnerabilities, found in Geeni- and Merkury-branded security cameras and smart doorbells, would allow attackers to take full control of devices and remotely disable cameras through a denial of service attack in some cases, according to the research. In others, the flaws could allow for the the disclosure of sensitive information and unauthenticated access.
Some other exploits would allow attackers to gain remote access to a stream of one of the affected doorbell cameras.
The flaws variously affect Merkury/Geeni doorbell models GNC-CW013, GNC-CW025 and MI-CW024 and camera models GNC-CW003, GNC-CW010, GNC-CW028 and MI-CW017, according to the research. Merkury is Geeni’s parent company.
Security cameras and doorbells that connect to the internet have been plagued by flaws for years. Just last month a TechCrunch investigation revealed that Amazon’s Ring doorbell app Neighbors could expose users’ location and home addresses. Two years ago Ring customers’ passwords were exposed in a massive leak that could allow third parties to access live cameras feeds.
Source
The vulnerabilities, found in Geeni- and Merkury-branded security cameras and smart doorbells, would allow attackers to take full control of devices and remotely disable cameras through a denial of service attack in some cases, according to the research. In others, the flaws could allow for the the disclosure of sensitive information and unauthenticated access.
Some other exploits would allow attackers to gain remote access to a stream of one of the affected doorbell cameras.
The flaws variously affect Merkury/Geeni doorbell models GNC-CW013, GNC-CW025 and MI-CW024 and camera models GNC-CW003, GNC-CW010, GNC-CW028 and MI-CW017, according to the research. Merkury is Geeni’s parent company.
Security cameras and doorbells that connect to the internet have been plagued by flaws for years. Just last month a TechCrunch investigation revealed that Amazon’s Ring doorbell app Neighbors could expose users’ location and home addresses. Two years ago Ring customers’ passwords were exposed in a massive leak that could allow third parties to access live cameras feeds.
Source