CVE-2013-3313

The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi. NOTE: cleartext passwords can also be obtained from proc/kcore when leveraging the directory traversal vulnerability in CVE-2013-3311.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:loftek:nexus_543_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:loftek:nexus_543:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-11-21 20:15

Updated : 2024-02-04 20:39


NVD link : CVE-2013-3313

Mitre link : CVE-2013-3313

CVE.ORG link : CVE-2013-3313


JSON object : View

Products Affected

loftek

  • nexus_543
  • nexus_543_firmware
CWE
CWE-522

Insufficiently Protected Credentials