RaySharp DVR backdoor root password hard-coded password. Other DVR vendors are also affected, indirectly On its website, RaySharp claims that it ships over 60, units per month. A few days prior, in a separate research, a UK-based security firm also discovered a privacy violation in the firmware of MVPower DVRswhich was secretly taking screenshots of the first camera feed and sending it to the developer's email inbox. Out of the 55 companies named in the RBS vulnerability disclosure, the security company says that only Defender has issued firmware patches to remove the root password. Researchers say that over 55 vendors have agreements with RaySharp to sell devices under their brands. If a hard-coded root password wasn't bad enough, according to RBS researchers, RaySharp has also been selling its devices under other brands, with the same firmware. On its website, RaySharp claims that it ships over 60, units per month.
#Raysharp dvr mobile software full
Once he authenticates on the device, he has full control over its settings, and all of the CCTV video streams.
![raysharp dvr mobile software raysharp dvr mobile software](https://news-cdn.softpedia.com/images/news2/raysharp-dvrs-come-with-hard-coded-root-password-500624-2.jpg)
![raysharp dvr mobile software raysharp dvr mobile software](https://s.alicdn.com/@sc04/kf/H7b86c35392c24ddfaa45dd6ef957972cI.jpg)
Any device left unprotected online can be accessed this way, if the attacker knows its IP or he can access a company LAN. Security firm Risk Based Security RBS discovered the issue last fall and contacted the manufacturer, who failed to address the issue until now. DVR equipment manufactured by Chinese firm RaySharp come with a hard-coded root password that allows attackers to remotely access the device if left unprotected on the Internet.