{"id":3131,"date":"2020-02-05T16:43:28","date_gmt":"2020-02-05T16:43:28","guid":{"rendered":"https:\/\/wpbc.a1securitycameras.com\/?p=3131"},"modified":"2023-09-13T16:11:12","modified_gmt":"2023-09-13T16:11:12","slug":"genevias-gsoap-toolkit-vulnerability-detected","status":"publish","type":"post","link":"https:\/\/www.a1securitycameras.com\/blog\/genevias-gsoap-toolkit-vulnerability-detected\/","title":{"rendered":"Genivia&#8217;s gSOAP Toolkit Vulnerability Detected"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/i.shgcdn.com\/cc680533-4196-430a-b075-49d86886ac3a\/-\/format\/auto\/-\/preview\/3000x3000\/-\/quality\/lighter\/\" alt=\"Genivia's gSOAP Toolkit Vulnerability Detected\"\/><\/figure>\n\n\n\n<p>A Vulnerability has been discovered in a Genivia\u2019s gSOAP toolkit which is widely being used for implementing&nbsp;<a href=\"https:\/\/www.a1securitycameras.com\/blog\/most-popular-security-camera-technologies-explained-wdr-poe\/\">ONVIF<\/a>&nbsp;by video surveillance manufacturers.<\/p>\n\n\n\n<p>According to IPVM\u2019s latest article Genivia\u2019s gSOAP toolkit which creates HTTP APIs has a vulnerability. IPVM states that \u201cThe nature of buffer overflow attacks makes them somewhat device specific, and can require trial and error, or deep knowledge of the system itself, to form a successful attack that reveals data or provides root access. Because of this, and the fact that few details of the specific XML formatting required for an exploit are being released it will be hard for this vulnerability will be put to real use.<\/p>\n\n\n\n<p>Similar to most other cyber security vulnerabilities in&nbsp;<a href=\"https:\/\/www.a1securitycameras.com\/networking\/\">network devices<\/a>, restricting network access to the unit will greatly reduce the chance of exploit. Cameras utilizing a VMS or recorder for remote access, instead of being directly connected to the internet, are essentially immune from remote attack (though it is possible for the VMS itself to have vulnerabilities). Additionally, upgrading firmware to manufacturer-recommended versions, as they become available, will eliminate this specific vulnerability.\u201d<\/p>\n\n\n\n<p>To avoid any further damage you should download gSOAP 2.8.48 or higher version. For the latest version of the gSOAP (2.8.49) please click here:&nbsp;<a href=\"https:\/\/www.genivia.com\/downloads.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Download and Installation<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A Vulnerability has been discovered in a Genivia\u2019s gSOAP toolkit which is widely being used for implementing&nbsp;ONVIF&nbsp;by video surveillance manufacturers. According to IPVM\u2019s latest article Genivia\u2019s gSOAP toolkit which creates HTTP APIs has a vulnerability. IPVM states that \u201cThe nature of buffer overflow attacks makes them somewhat device specific, and can require trial and error, [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":4849,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[105],"tags":[],"class_list":["post-3131","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-brand-updates"],"_links":{"self":[{"href":"https:\/\/www.a1securitycameras.com\/blog\/wp-json\/wp\/v2\/posts\/3131","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.a1securitycameras.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.a1securitycameras.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.a1securitycameras.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.a1securitycameras.com\/blog\/wp-json\/wp\/v2\/comments?post=3131"}],"version-history":[{"count":3,"href":"https:\/\/www.a1securitycameras.com\/blog\/wp-json\/wp\/v2\/posts\/3131\/revisions"}],"predecessor-version":[{"id":7742,"href":"https:\/\/www.a1securitycameras.com\/blog\/wp-json\/wp\/v2\/posts\/3131\/revisions\/7742"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.a1securitycameras.com\/blog\/wp-json\/wp\/v2\/media\/4849"}],"wp:attachment":[{"href":"https:\/\/www.a1securitycameras.com\/blog\/wp-json\/wp\/v2\/media?parent=3131"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.a1securitycameras.com\/blog\/wp-json\/wp\/v2\/categories?post=3131"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.a1securitycameras.com\/blog\/wp-json\/wp\/v2\/tags?post=3131"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}