A vulnerability in the command/user.cgi plug-in of Sony network cameras could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks.
The vulnerability is due to improper validation of certain user-supplied HTTP requests by the affected software. An attacker could exploit this vulnerability by convincing an authenticated user to follow a malicious URL. When processed, the URL could allow the attacker to submit a malformed HTTP POST request to the affected device via the affected web browser with the privileges of the user. Successful exploitation could allow the attacker to conduct further attacks.
The following Sony CH and DH Series IP Cameras are affected:
Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.
Administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability.
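As an added illustration of the kind of IDS-style check the advice above points at (example code written for this page, not from the advisory or from Sony): the script scans constructed access-log lines for POST requests to command/user.cgi whose Origin or Referer header is missing or names another site, which is what a forged cross-site request looks like at the device. The log layout, the host name camera.example and the client addresses are assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed sample access-log lines (not from the advisory). Assumed layout:
# client "METHOD path" status "Origin header" "Referer header"; "-" means absent.
SAMPLE_LOG = """\
192.0.2.10 "POST /command/user.cgi" 200 "http://camera.example" "http://camera.example/admin.html"
192.0.2.11 "POST /command/user.cgi" 200 "-" "-"
192.0.2.12 "POST /command/user.cgi" 200 "http://evil.example" "http://evil.example/page.html"
192.0.2.13 "GET /command/user.cgi" 200 "-" "http://camera.example/admin.html"
192.0.2.14 "POST /command/user.cgi" 200 "-" "http://camera.example/admin.html"
"""

LINE_RE = re.compile(
    r'^(?P<client>\S+) "(?P<method>[A-Z]+) (?P<path>\S+)" (?P<status>\d{3}) '
    r'"(?P<origin>[^"]*)" "(?P<referer>[^"]*)"$'
)

def is_same_site(header_value, camera_host):
    """True/False when the header names the camera or another site; None if absent."""
    if not header_value or header_value == "-":
        return None
    return urlsplit(header_value).hostname == camera_host

def suspicious_user_cgi_posts(log_text, camera_host, watched_path="/command/user.cgi"):
    """Return (client, reason) for POSTs to the watched path whose
    Origin/Referer is absent or points at a site other than the camera."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST" or m["path"] != watched_path:
            continue  # only state-changing requests to the vulnerable endpoint matter
        origin_ok = is_same_site(m["origin"], camera_host)
        referer_ok = is_same_site(m["referer"], camera_host)
        # Browsers send Origin on cross-site POSTs; fall back to Referer when it is absent.
        verdict = origin_ok if origin_ok is not None else referer_ok
        if verdict is None:
            findings.append((m["client"], "no Origin or Referer on state-changing POST"))
        elif verdict is False:
            findings.append((m["client"], "cross-site Origin/Referer"))
    return findings

if __name__ == "__main__":
    for client, reason in suspicious_user_cgi_posts(SAMPLE_LOG, "camera.example"):
        print(f"{client}: {reason}")
```

A missing-header hit is lower confidence than a cross-site one, since some clients and privacy settings strip Referer, so the two reasons are reported separately.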
For additional information about CSRF attacks and potential mitigation methods, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Request Forgery Threat Vectors.
Sony has not confirmed this vulnerability and software updates are not available.