UPnP allows network devices to seamlessly discover each other and automatically open ports on the local router. While convenient, UPnP often automatically maps camera streaming ports (like port 80 or 8080) to the public WAN IP address without the user’s explicit awareness. 3. Misconfigured Port Forwarding
Axis regularly releases firmware updates that patch known vulnerabilities. Keep your devices current. inurl axis cgi mjpg motion jpeg top
Most network cameras are not exposed due to software vulnerabilities. Instead, they are exposed because of human error during installation. 1. Default Credentials UPnP allows network devices to seamlessly discover each
Search engines are also becoming more aggressive. Google has started demoting and removing URLs that contain live video streams, but the cat-and-mouse game continues as attackers move to specialized IoT search engines like Shodan, Censys, and ZoomEye. Instead, they are exposed because of human error
Historically, many Axis cameras shipped with well-known default credentials like "root" for the username and "pass" for the password. A Tenable vulnerability plugin explicitly flagged the configuration 'root'/'pass' as a security risk, noting that "the remote host is running an Axis Webcams server with the default login and password set."
Unless absolutely necessary (e.g., a public traffic webcam), do not port forward the camera’s HTTP interface (port 80, 443, or 8080). Use a VPN to access your cameras remotely.