The cameras affected by the vulnerabilities are surveillance cameras, mainly used in enterprises and retail settings and there are dozens of models that contain the vulnerable firmware. Researchers at SEC Consult discovered the backdoors and found that an attacker could use one of them to enable hidden Telnet and SSH services on the cameras and then use the other backdoor to gain root privileges.
“After enabling Telnet/SSH, another backdoor allows an attacker to gain access to a Linux shell with root privileges! The vulnerabilities are exploitable in the default configuration over the network. Exploitation over the Internet is possible, if the web interface of the device is exposed," the researchers said.