Researchers found over exposing a proprietary protocol called Axis.Remoting online, with nearly 4,000 of them in the United States. The attack chain could enable hackers to:
The results will show links to various cameras. The title of each result will likely include "Live View / - AXIS" followed by a specific model number (e.g., "AXIS 206M").
: Remove cameras from public-facing IP addresses. Place them within a private local area network (LAN) accessible only via a secure VPN or a restricted local network segment (VLAN). intitle live view axis inurl view viewshtml updated
: Turn off Universal Plug and Play on both your router and the camera. Avoid forwarding standard HTTP ports (like port 80 or 8080) directly to the device.
If your search accidentally finds exposed cameras (even not your own), the responsible action is to except possibly notify the owner. Do not view or share the feeds. : Remove cameras from public-facing IP addresses
Let's break down the components of the search query intitle:"Live View" inurl:"view-viewshtml" .
If you search and discover your own camera (or a client’s) appearing in results: Avoid forwarding standard HTTP ports (like port 80
This dork is primarily used by security researchers or hobbyists to find cameras that have been misconfigured to allow without a password. LIVE VIEW AXIS VIEW VIEW SHTML