AOH :: HP Unsorted E :: BT-21865.HTM

Everfocus EDR1600 remote authentication bypass



Everfocus EDR1600 remote authentication bypass
Everfocus EDR1600 remote authentication bypass



**************************************************************
Product: Everfocus EDR1600
Version affected: all
Website: http://www.everfocus.com/ 
Discovered By: Andrea Fabrizi
Email: andrea.fabrizi@gmail.com 
Web: http://www.andreafabrizi.it 
Vuln: remote DVR authentication bypass
**************************************************************

The EDR1600 firmware don't handle correctly users authentication and sessions.

This exploit let you to connect to every remote DVR (without username
and password) and see the live cams :)

Exploit: http://www.andreafabrizi.it/files/EverFocus_edr1600_Exploit.tar.gz 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.