セキュリティカメラがデフォルトユーザアカウントとパスワードなしで設置されていたとのこと。まぁ一般の人が設置したらそうなるわな。

While consulting to a big financial customer, I discovered the security cameras installed are easily accessible to anyone thanks to a very simple logical flaw. Not to mention default user accounts, empty password sets, the ability to brute force, directory traversal and some classic authorization bypass vulnerabilities.
Most of the security cameras in my country are bought from Korea, some of the software is written by the vendor and some by the distributer. Both of them should pay much more attention to security so we won’t have the same classic vulnerabilities over and over again.
Attached are a few screen captures:

Security Cameras – To See Or Not To See?! – SecuriTeam Blogs