IP cam hack: is this an LM or browser vulnerability?

[oldgranola]

Hello,
While looking for ways to test if my IP cams were sufficiently secured i learned a little about NMAP, wireshark/Tshark, angryIPscaner, looked at Kali etc. All looked great from the outside using a remote sever. But then I tried via FF or chrome with webrtc disabled to"arllc.net/findipcam/"it got scary. Holy crap!! found em in minutes and asked for login info (didn't supply of course). I started a couple of VPN's and tried again yet still the cams were identified but from the inside, ie 198.168.0.x etc. . Since it worked even on a vpn, i assume it found some way of using the browser or even the router to run a local scan. Any way to figure out how?

[oldgranola]

BTW I suspect this is a neat application of 'social engineering'. Getting the user to divulge. Check it out but with great caution.

[BigEasy]

You are in local, cam in local, browser in local. There is Java Script in every browsers. It is a programming language running in where? Right! In local.
Not arllc.net/findipcam found your cam, but your browser (btw: browser always knows exactly everything you type. Don't be fool wits asterics in input fileld - it's just prevent from other's eyes over your shoulder, but browser itself always knows exactly what you type).
Well, and your browser tells them everything, and them just shows you the result. But not only! Congradulation, probably your cam in their database Hacking possible not only outside, but inside and this is really no hacking at all because everithing may be done by own hands. I guess you are already knows that. Be carefull.