Another day, another vulnerability! This time the culprit is Samsung Smartcam. The flaw, dubbed iWatch Install.php vulnerability, could allow attackers to gain root access to the device and control it remotely.
The iWatch Install.php Samsung Smartcam Vulnerability Explained
What is Samsung Smartcam? It’s an IP cam that allows the user to connect Samsung’s services and view live or recorded video from various locations. The cam also includes seamless baby or pet monitoring, business and home security and real-time notifications. The cam is user-friendly and easy to configure and use.
However, a problem has been discovered and it is regarding the security of the device. Vulnerabilities have been discovered several times in the past, and it appears that a new one should be added to the list.
According to exploitee.rs, the vulnerability allows gain root access, through a web server that has been previously reported vulnerable. Samsung has attempted to fix the flaws by removing the local web interface and making users access the SmartCloud website. In the meantime the local server was still running. Researchers have discovered that the flaw enables attackers to connect to the web interface as it follows:
The iWatch Install.php vulnerability can be exploited by crafting a special filename which is then stored within a tar command passed to a php system() call. Because the web-server runs as root, the filename is user supplied, and the input is used without sanitization, we are able to inject our own commands within to achieve root remote command execution.
Unfortunately, the vulnerability hasn’t been fixed yet.