Stanislav said he contacted Stem Innovation Sept. 6, which started weeks of back-and-forth communications. As of mid-October, he had received no commitment from the vendor that the holes would be fixed.
"I haven't had confirmation that they're fixing or have fixed any of these (problems)," Stanislav said.
Stem Innovation told The Security Ledger that Stanislav's research contained "inaccuracies and misleading information," but declined to elaborate.
Stem Innovation is not the first surveillance camera vendor to be called out for security lapses. The Federal Trade Commission accused TRENDnet of having so poor security in its SecurView cameras that a hacker could post links on the Web to live camera fees, exposing the private lives of customers.
TRENDnet settled the charges by agreeing not to misrepresent the security, privacy, confidentiality or integrity of the information that its cameras or other devices transmit.
Sign up for CIO Asia eNewsletters.