Security > miscellaneous – Vivotek MD9584-HF3 5MP Outdoor Network Mobile Dome Camera with Night Vision, Heater & 3.6mm Lens User Manual

VIVOTEK

118 - User's Manual

Security > Miscellaneous

The embedded TrendMicro utitlity provides the protection against Cross-Site Request

Forgery. Cross-site request forgery is also known as one-click attack or session riding and

is abbreviated as CSRF. CSRF is a type of malicious exploit of a website, in this case, the

camera. Unauthorized commands are transmitted from a user that the web application

trusts, using the mechanism of forging a trusted user's own request with a request

containing his own cookies, etc. Different ways can be used for a malicious website to

transmit such commands. They can be specially-crafted image tags, hidden forms, and

JavaScript XMLHttpRequests. The malicious attack can occur without users' interaction or

even knowing it.