Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users.
References
Configurations
Configuration 1 (hide)
| AND |
|
History
04 Mar 2025, 19:48
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Brickcom md-100ap
Brickcom wcb-100ap Brickcom ob-100ae Brickcom wfb-100ap Brickcom osd-040e Brickcom Brickcom 100ap Device Firmware Brickcom fb-100ap |
|
| CPE | cpe:2.3:h:brickom:osd-040e:-:*:*:*:*:*:*:* cpe:2.3:o:brickom:100ap_device_firmware:3.1.0.8:*:*:*:*:*:*:* cpe:2.3:h:brickom:md-100ap:-:*:*:*:*:*:*:* cpe:2.3:h:brickom:wfb-100ap:-:*:*:*:*:*:*:* cpe:2.3:h:brickom:fb-100ap:-:*:*:*:*:*:*:* cpe:2.3:h:brickom:wcb-100ap:-:*:*:*:*:*:*:* |
cpe:2.3:h:brickcom:wcb-100ap:-:*:*:*:*:*:*:* cpe:2.3:h:brickcom:md-100ap:-:*:*:*:*:*:*:* cpe:2.3:h:brickcom:osd-040e:-:*:*:*:*:*:*:* cpe:2.3:h:brickcom:ob-100ae:-:*:*:*:*:*:*:* cpe:2.3:h:brickcom:fb-100ap:-:*:*:*:*:*:*:* cpe:2.3:o:brickcom:100ap_device_firmware:3.1.0.8:*:*:*:*:*:*:* cpe:2.3:h:brickcom:wfb-100ap:-:*:*:*:*:*:*:* |
21 Nov 2024, 01:54
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://seclists.org/fulldisclosure/2013/Jun/84 - |
Information
Published : 2013-10-01 19:55
Updated : 2025-03-04 19:48
NVD link : CVE-2013-3690
Mitre link : CVE-2013-3690
CVE.ORG link : CVE-2013-3690
JSON object : View
Products Affected
brickcom
- fb-100ap
- ob-100ae
- md-100ap
- 100ap_device_firmware
- wcb-100ap
- osd-040e
- wfb-100ap
CWE
CWE-352
Cross-Site Request Forgery (CSRF)