If you must operate legacy video streaming software, implement strict security controls to prevent indexing by Shodan and unauthorized access.

Enable Strong Authentication

: This vulnerability, present in versions 5.3.2.375 and 5.3.2.410, allowed remote attackers to read arbitrary files on the host computer by using an encoded ..%2F (dot dot slash) in the URI. This could allow an attacker to access sensitive system files, configuration documents, or other data stored on the machine.

Using ../../../../windows/win.ini in the URL path allowed attackers to read any file on the system, including passwords stored in passwd.dat and the software license file.
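For defenders reviewing a web server or reverse-proxy log in front of such a host, the encoded traversal described above can be flagged by decoding each request target before looking for `..` path segments. This is an added example, not code from webcamXP or from the original page; it assumes Common Log Format entries, the sample lines are constructed, and it goes slightly beyond the text by also normalising double-encoded input.

```python
import re
from urllib.parse import unquote

# Request line inside a Common Log Format entry (assumed format): "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')

def fully_decode(target, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252F) is also normalised."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def is_traversal(target):
    """True if the decoded URI path contains a '..' path segment."""
    path = fully_decode(target.split("?", 1)[0]).replace("\\", "/")
    return ".." in path.split("/")

def flag_requests(log_lines):
    """Return (client_ip, raw_target) for every request that attempts traversal."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if m and is_traversal(m.group(1)):
            hits.append((line.split(" ", 1)[0], m.group(1)))
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Mar/2021:10:00:01 +0000] "GET /cam_1.jpg HTTP/1.1" 200 5120',
    '198.51.100.23 - - [01/Mar/2021:10:00:05 +0000] "GET /..%2F..%2F..%2F..%2Fwindows/win.ini HTTP/1.1" 200 92',
    '198.51.100.23 - - [01/Mar/2021:10:00:09 +0000] "GET /%2e%2e%252F%2e%2e%252Fwindows/win.ini HTTP/1.1" 404 0',
    '203.0.113.7 - - [01/Mar/2021:10:00:12 +0000] "GET /img/v1..2/snapshot.jpg HTTP/1.1" 200 4801',
]

if __name__ == "__main__":
    for ip, target in flag_requests(SAMPLE_LOG):
        print(f"traversal attempt from {ip}: {target}")
```

Matching on whole path segments rather than the substring `..` keeps legitimate names such as `v1..2` from being flagged.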

The developers of webcamXP have long since moved on to newer products. webcamXP 5 has reached its End-of-Life. This means it no longer receives security patches. If a vulnerability is discovered in the software’s web server today, it will never be fixed, making every exposed server a permanent liability.

The sheer volume of webcamXP 5 devices on Shodan in 2021 highlights several critical security failures:

WebcamXP 5 is a commercial Windows-based application that turns a standard USB or IP webcam into a fully functional streaming server. It allows users to broadcast video over the internet, manage motion detection, and export feeds to a web interface. Version 5, released in the mid-2010s, became the most widely pirated and deployed version due to its stability—and its disastrous default security settings.

In the same year, the China National Vulnerability Database (CNVD) published , titled "Unauthorized Access Vulnerability in WebcamXP 5". The bulletin simply stated that an attacker could exploit the vulnerability to obtain sensitive information, and noted that the vendor had not yet released a security patch.

Exposing WebcamXP 5 Vulnerabilities: A Shodan Search Analysis in 2021
