Filtered by vendor Brickom
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-3689 | 1 Brickom | 7 100ap Device Firmware, Fb-100ap, Md-100ap and 4 more | 2013-10-07 | 7.8 HIGH | N/A |
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action. | |||||
CVE-2013-3690 | 1 Brickom | 7 100ap Device Firmware, Fb-100ap, Md-100ap and 4 more | 2013-10-02 | 6.8 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users. |