Amusing addition to the vulnerability found in the Axis Network Camera HTTP server. Apparently the de-facto e-mail address for SMTP alerts is set to mail@somewhere.com and if this feature is enabled without changing the destination address, somewhere.com gets some very amusing insight as to what is being watched. Original vulnerability information is posted here.
225016262e5a5cb529003c7be0a202c691267391dccb9c88e1e937a94f4e7f81