Many Baby Monitors are Hackable.

A security company on Wednesday released a report on an assortment of new vulnerabilities in baby monitors from several manufacturers: predictable information leaks; backdoor credentials; reflective, stored XSS; direct browsing; authentication bypass; and privilege escalation. Backdoor credentials -- the vulnerability most frequently found -- showed up in five products from different manufacturers.News that a hacker had breached a baby monitor in a Houston family's home kicked off an uproar a couple of years ago -- but things haven't changed in the baby monitor industry.

What's wrong with the baby monitor vendors? "Vendors in the Internet of Things are still very much learning just how complex the devices and ecosystem really is to secure," said company president, Victor Stanislav. Also, many of the vendors in the baby market space are newer companies that leverage many third parties, he said, and firmware for the components in the devices is "often years old, contributing to the lack of security." In the race to market and bring products to consumers, inattention to security is likely to be an issue, said Craig Spiezle, executive director of the Online Trust Alliance.

Credits:
http://abc7chicago.com/news/some-top-baby-monitors-lack-basic-security-features-report-says/968884/