Vulnerabilities (CVE)

Filtered by vendor Brickom Subscribe
Filtered by product Md-100ap
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-3690 1 Brickom 7 100ap Device Firmware, Fb-100ap, Md-100ap and 4 more 2024-11-21 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users.
CVE-2013-3689 1 Brickom 7 100ap Device Firmware, Fb-100ap, Md-100ap and 4 more 2024-11-21 7.8 HIGH N/A
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action.