
Remote Code Execution to Persistent Backdoor in TP-Link Surveillance Camera - drbenway
https://medium.com/@henrybarker_74817/from-remote-code-execution-to-persistent-backdoor-in-tp-link-tl-sc3130g-wireless-2-way-audio-29a0db1d5546
======
drbenway
I reported this to TP-Link today. Developers please remember to not pass
unsanitized input from the internet to the command line It's scary how
vulnerable these IOT devices are- especially the ones marketed as security
orientated products

------
mmm_grayons
Kudos to the author, nice work. It's sad that so many things are still so
vulnerable. TP-Link gear is garbage; I think most people knew that already.
Honestly, so is most consumer IoT/embedded gear . I did some analysis a while
back and found garbage like open telnet ports, old software, and worst of all,
cryptographic flaws like constant nonces and IVs. Not to mention the age-old
flaw of no TLS on the management interface.

------
jlgaddis
So, an RCE that requires you to know the admin password?

