Home SECURITY Experts have discovered vulnerabilities in smart Dogness feeders

Experts have discovered vulnerabilities in smart Dogness feeders

Experts have discovered vulnerabilities in smart Dogness feeders


Spy Feeders: Experts Find Vulnerabilities in Smart Dogness Feeders

Vulnerabilities allow attackers to control the device and steal data from the camera and microphone.

Smart pet feeders that allow owners to control feeding schedules and portions, as well as see and hear their pets through a built-in camera and microphone, can be a tool for espionage and sabotage. Kaspersky Lab experts have discovered a number of vulnerabilities in one of the popular models of such devices, Dogness. They allow attackers to remotely control the feeder, execute arbitrary code on it, and steal video and audio recordings from the camera and microphone. The manufacturer has been informed of the problem.

Smart pet feeders are devices that connect to your home Wi-Fi network and sync with a mobile app. With it, the owner can set up a feeding schedule, dose portions, and see and hear his pet in real time. Such gadgets are becoming more and more popular among people who are often away from home or want to monitor the condition of their animals.

However, such devices are not always safe in terms of cyber security. Kaspersky Lab experts analyzed one of the most common models of smart feeders – Dogness – and found several serious vulnerabilities in it. They are related to the insecure process of updating the firmware of the device and the principles of hard coding of credentials, login and password.

The most dangerous vulnerability is that a Telnet server is running on the device, which provides remote root access * through the default port. At the same time, the password for a user with this type of access is specified in the firmware and cannot be changed. This means that if an attacker extracts the firmware, he can get the password and take control of any device of the same model, since they have the same root passwords. If the attacker has access to the victim’s home network, he can execute any code on the device, change settings, and steal sensitive data, including videos that are sent from the feeder camera to the cloud.

Such vulnerabilities can turn a pet feeder into a tool for spying on owners and their surroundings. In addition, interfering with the feeding schedule can compromise a pet’s health if it receives too much or too little food.

Kaspersky Lab reported all vulnerabilities found to the manufacturer and recommended that owners of smart feeders regularly update the firmware and software of their devices, as well as follow basic rules of digital hygiene.


Source link



Please enter your comment!
Please enter your name here