Subscribe via feed.

Iris ID IrisAccess iCAM4000/iCAM7000 Hardcoded Creds / Remote Access

Posted by deepcore on July 28, 2016 – 6:06 am

The Iris ID IrisAccess iCAM4000/7000 series suffer from a use of hard-coded credentials. When visiting the device interface with a browser on port 80, the application loads an applet JAR file ‘ICAMClient.jar’ into user’s browser which serves additional admin features. In the JAR file there is an account ‘rou’ with password ‘iris4000’ that has read and limited write privileges on the affected node. An attacker can access the device using these credentials starting a simple telnet session on port 23 gaining access to sensitive information and/or FTP access on port 21 (with EVERYTHING allowed) and uploading malicious content.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.