camera with ivy

Is the gSOAP Vulnerability Really a Surprise for IP camera users?

It has recently been identified and reported that the ubiquitous gSoap library used in many vendors IP cameras is subject to a stack buffer overflow vulnerability (CVE-2017-9765), referred to as Devil’s Ivy by the discoverers Senrio Labs. Devil’s Ivy results in remote code execution, and was found in an open source third-party code library, from gSOAP. When exploited, it allows an attacker to remotely access a video feed or deny the owner access to the feed. This has resulted in widespread concern, however should the existence and widespread exposure to this sort of problem really be a surprise? There have been a number of estimates for the ratio of number…

Details