Remote Code Execution to Persistent Backdoor in TP-Link Surveillance Camera

I reported this to TP-Link today. Developers please remember to not pass unsanitized input from the internet to the command line It's scary how vulnerable these IOT devices are- especially the ones marketed as security orientated products

Kudos to the author, nice work. It's sad that so many things are still so vulnerable. TP-Link gear is garbage; I think most people knew that already. Honestly, so is most consumer IoT/embedded gear . I did some analysis a while back and found garbage like open telnet ports, old software, and worst of all, cryptographic flaws like constant nonces and IVs. Not to mention the age-old flaw of no TLS on the management interface.

So, an RCE that requires you to know the admin password?