Last week, TRENDnet, a California-based maker of residential security cameras announced that it has released a new IP camera firmware upgrade that neutralizes a recently discovered flaw that allowed Internet users to easily gain access to live footage without a password.
According to a statement issued by TRENDnet, the bug only affects camera models sold by the company since April 2010. So far, the company said that they have identified 18 cameras that may require the upgrade.
“A recent product hack revealed a vulnerability present in several TRENDnet SecurView IP cameras,” the company said in the statement. “TRENDnet’s security team understands that video from some TRENDnet IP SecurView cameras may be accessed online in real time. Upon awareness of the issue, TRENDnet initiated immediate actions to quantify the scope of the issue, initiate corrective actions, and publish updated firmware which resolves the issue. “
In a story published by the BBC, Zak Wood, the company’s director of global marketing, blamed the flaw on "a coding oversight." According to the BBC story, the vulnerability was first reported by the technology news website the The Verge, which discovered details about the flaw on a blog in early January.
Anyone with questions about the vulnerability or the firmware upgrade can contact TRENDnet at [email protected].
