Blog site console-cowboys.blogspot.com has recently posted a nice article on how he was able to view hundreds of Trendnet IP cameras with a few minor tweaks to the URL. Apparently,Trendnet has left a backdoor on its IP cameras that cannot be disabled or closed by the end user through the camera settings. In short by simply adding /anony/mjpg.cgi to a WAN IP address of a Trendnet IP Camera gives you streaming video bypassing login credentials.
This is some scary stuff and hopefully Trendnet acts on this quickly and closes this loophole. In the meantime I would power down any Trendnet IP camera you may have streaming.
Read full article here