IC Realtime ICIP-P2012T is vulnerable to Incorrect Access Control via an open port
IC Realtime IP PTZ Dome Camera ICIP-P2012 software version: 2.420
An exposed port (9989) responds with a live snapshot at the time of request, by using a script, it could be leveraged to have a live feed image every x second. This vulnerability critically affects confidentiality of data and could be used in reconnaissance phase (identify people, passwords etc.) for any threats.
1- Scan camera's IP to check if port 9989 is open.
2- If port is open, run capture.sh
sudo chmod +x capture.sh
./capture.sh <IP>
A snapshot every 2 seconds is saved to a file with camera IP's name
N.B: you can change duration by changing the sleep value at the end of script
[Discoverer]
Youssef Mohamed - Cloud Consultancy for Digitalization & Security