Table of Contents
Advertisement
VIVOTEK
Security > Miscellaneous
The firmware provides the protection against Cross-Site Request Forgery. Cross-site
request forgery is also known as one-click attack or session riding and is abbreviated
as CSRF. CSRF is a type of malicious exploit of a website, in this case, the camera.
Unauthorized commands are transmitted from a user that the web application trusts,
using the mechanism of forging a trusted user's own request with a request containing
his own cookies, etc. Different ways can be used for a malicious website to transmit such
commands. They can be specially-crafted image tags, hidden forms, and JavaScript
XMLHttpRequests. The malicious attack can occur without users' interaction or even
knowing it.
User's Manual - 113
Advertisement
Table of Contents
