130,000 Avtech IP cameras, DVRs can be easily roped into IoT botnets

Security researcher Gergely Eberhardt has unearthed over dozen of vulnerabilities in most IP cameras, NVRs and DVRs by Taiwanese manufacturer Avtech, including things like plaintext storage of administrative password and authentication bypass flaws.

Eberhardt, who works for Hungarian security testing outfit Search Lab, says a final tally would likely be even higher, as these vulnerabilities were found within a short period of time and the research was done without a systematic approach.

According to the advisory published by Search Lab, they have repeatedly tried to get in touch with Avtech to share their findings with them but had no luck on that front. So, they finally released vulnerability details to the public – a whole year after they discovered them.

Along with the advisory they have published POC scripts for some of flaws.

“According to Shodan, more than 130.000 Avtech devices are exposed to the internet,” Search Lab noted.

With all this information now public, and no patches from the manufacturer, these devices are ripe for getting compromised and conscripted into botnets.

IoT-based botnets are springing up like mushrooms after the rain.

The researchers advise users of Avtech devices to change the default admin password, and to make their web interface is inaccessible over the Internet.