By exploiting these vulnerabilities, an attacker is able to intercept the audio/video stream at will. In August 2020, security researcher Paul Marrapese 1 published extensive research 2 detailing security issues affecting the P2P implementations of some vendors. However, the typical scenario involves an internet-reachable node which acts as a mediator between the client that wants to access the audio/video stream, and the device that serves the data.
The technical details vary between vendors and third-party providers of this functionality. Rather than have a user explicitly configure a firewall to let a client reach the device with the video data, “P2P” establishes a connection through a set technique commonly defined by the umbrella term “hole punching”. The video data is available from the cameras or accessed through NVRs. Peer-to-Peer (P2P), in the context of security cameras, refers to functionality that allows a client to access audio/video streams transparently through the internet. Peer-to-Peer Functionality in IoT Security Cameras and Its Security Implications Nozomi Networks Labs’ discovery of Reolink P2P vulnerabilities highlights IoT security risks. Questions have arisen about the security of video surveillance cameras.
0 kommentar(er)
