| |
Vulnerability CVE-2013-3689
Published: 2013-10-04 Modified: 2013-10-05
Description: |
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action. |
See advisories in our WLB2 database: | Topic | Author | Date |
High |
| Eliezer Varade L... | 13.06.2013 |
Type:
CWE-264 (Permissions, Privileges, and Access Controls)
CVSS2 => (AV:N/AC:L/Au:N/C:C/I:N/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.8/10 |
6.9/10 |
10/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Complete |
None |
None |
References: |
http://seclists.org/fulldisclosure/2013/Jun/84
|
|
|
Copyright 2024, cxsecurity.com
|
|
|