Bitdefender experts found a dangerous problem in the Ring Video Doorbell Pro smart doorbells manufactured by Amazon. The Internet-connected doorbells could be used to intercept the owner’s Wi-Fi credentials, meaning that, in theory, attackers could gain access to someone else’s network and then reach other devices connected to it.
Ring Video Doorbell Pro is a smart camera combined with a doorbell that lets the user see, hear and talk with someone standing near the door from anywhere in the world. To do this, the smart doorbell must be connected to a Wi-Fi network, which allows it to be accessed remotely through a dedicated application.
The problem the researchers discovered lies in the initial setup: when the device is first configured and given the Wi-Fi password, it has to enter a special configuration mode. During this time the doorbell activates a built-in, unprotected wireless access point, which lets the mobile application connect to it automatically. Besides the access point having no password, there is a second problem: the data exchange between the application and the doorbell takes place over plain, unencrypted HTTP, and it is at this point that the user gives the device the Wi-Fi password, which is therefore transmitted in clear text.
Thus, a nearby attacker can connect to this unprotected access point while the configuration process is in progress and steal the Wi-Fi password using a man-in-the-middle attack.
Since the attack can only be carried out during device setup, the researchers proposed a method by which an attacker could force the user to start the Ring Video Doorbell Pro configuration again. For example, this can be achieved by continuously sending deauthentication packets to the device so that it is dropped from the wireless network. The application then loses contact with the doorbell and informs the user that the device needs to be reconfigured.
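From the defender's side, the continuous deauthentication described above shows up as an abnormal run of deauthentication frames aimed at one station. The following is an added example, not code from Bitdefender or Ring: a sliding-window detector over frame records. The record layout, MAC addresses, window and threshold are all assumptions made for illustration.

```python
from collections import defaultdict, deque

# Constructed sample records: (timestamp_seconds, frame_type, destination_mac).
# In practice these would be extracted from a monitor-mode capture of 802.11
# management frames; this tuple layout is an assumption of the example.
def build_sample():
    frames = []
    # Ordinary background: a single deauth when a client leaves the network.
    frames.append((0.0, "deauth", "aa:aa:aa:00:00:01"))
    frames.append((5.0, "beacon", "ff:ff:ff:ff:ff:ff"))
    # Constructed burst: 40 deauth frames to one station within 4 seconds.
    for i in range(40):
        frames.append((10.0 + i * 0.1, "deauth", "aa:aa:aa:00:00:02"))
    frames.append((60.0, "deauth", "aa:aa:aa:00:00:01"))
    return frames

def find_deauth_floods(frames, window=10.0, threshold=20):
    """Return {mac: first_alert_time} for every station that received at
    least `threshold` deauthentication frames within `window` seconds."""
    recent = defaultdict(deque)  # destination MAC -> timestamps inside window
    alerts = {}
    for ts, ftype, dst in sorted(frames):
        if ftype != "deauth":
            continue
        q = recent[dst]
        q.append(ts)
        # Discard timestamps that have fallen out of the sliding window.
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold and dst not in alerts:
            alerts[dst] = ts
    return alerts

if __name__ == "__main__":
    for mac, ts in find_deauth_floods(build_sample()).items():
        print(f"deauth flood against {mac}, first flagged at t={ts:.1f}s")
```

An alert for the doorbell's MAC address, followed by the application asking for the device to be set up again, is the sequence the researchers describe.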
A fix for this vulnerability has already been released in Ring Video Doorbell Pro, so users are advised to make sure that they have the latest software installed.