Are OWASP concerns tested against this software?

netcamstudio
service

#1

I am wondering if the general OWASP concerns have been implemented for and tested with this software. I am currently exposing Netcam Studio service on port 8080 to the outside world. I had an interesting hit today that appears as if someone tried injecting code into the login page. See attached.


#2

Hi! I forwarded your concern and received the following answer:
“Regarding the vulnerability / attacks to Netcam Studio, one that was reported has been fixed in 1.2.8 so at this stage no other known vulnerability. Yes it was already protected and tested against the most known one.”
-Henrik


#3

This is just a report of an attempt (which would have no impact in NCS). And yes we are testing and we have some mechanism to protect against such attacks however it has happened to have some vulnerabilities.

We are usually fixing them with the highest priority as soon as they are disclosed, for this reason, it’s suggested to run the latest version whenever possible.