Home Latest Cyber Security News | Network Security Hacking Zero-Day Bugs Spotted In Nooie Baby Monitors
Latest Cyber Security News | Network Security HackingNewsVulnerabilities

Zero-Day Bugs Spotted In Nooie Baby Monitors

by Abeerah Hashim
written by Abeerah Hashim
Nooie baby monitor bugs

Researchers have found numerous bugs affecting Nooie baby monitors. Exploiting the zero-day bugs allows an adversary to  access feeds, and execute code. Despite the severity of the bugs, the vendors are yet to release fixes.

Nooie Baby Monitor Bugs

According to a blog post from Bitdefender, their researchers caught several unpatched zero-day bugs in Nooie baby monitors.

Specifically, they found four different vulnerabilities in the Nooie Cam back in 2020. However, despite reporting the flaws to the vendors right then, the vulnerabilities haven’t attracted the vendor’s attention.

Given the exploitability of such bugs in baby monitors, the researchers decided to publicly disclose the flaws, urging the users to stay vigilant.

Regarding the bugs, the first of these is an information disclosure vulnerability, leaking the device and user ID. This leak happens due to how the device communicates to the MQTT server without authentication. Hence, an adversary can subscribe to the /device/init topic to know the target device’s details.

Then, once connected to the MQTT server (without authentication), the adversary can generate requests to access live feeds of arbitrary cameras. Regarding how this will work, the researchers explained,

This is achieved by publishing a message to the camera’s topic /device/<ID>/cmd, where <ID> is the uuid parameter obtained earlier. The payload must be in JSON format and must include the cmd and url parameters.

The third vulnerability is a stack-based buffer overflow that would allow code execution.

Lastly, an adversary could obtain the AWS credentials for the target device by using the leaked device and user IDs.

The camera uses the /rest/v2/device/get_awstoken endpoint on eu.nooie.com to obtain the AWS credentials used to store recordings on the cloud… The only prerequisites are the IDs leaked on the MQTT server (uuid and uid).

Such explicit access then allows the adversary to access stored recordings, or even reset the AWS bucket.

No Patch Available Yet

The researchers tested two devices – PC100A (Nooie Cam 360) (v1.3.88) and IPC007A-1080P (Nooie Cam Indoor 1080p) (v2.1.94) – in their study.

Since the bugs remain unpatched (until the time of writing this article), the researchers advise users to isolate their baby monitors for safety. For instance, users can restrict SSID access for networks connecting such critical IoT devices.

Also, keeping the devices up-to-date with the latest firmware updates is another strategy to receive the patches whenever released.

Let us know your thoughts in the comments.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Palo Alto Networks Patched A Pan-OS Vulnerability Under...

Apple Removed Numerous Apps From China App Store

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...

LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites