Vulnerabilities > Brickom

DATE CVE VULNERABILITY TITLE RISK
2013-10-04 CVE-2013-3689 Permissions, Privileges, and Access Controls vulnerability in Brickom products
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action.
network
low complexity
brickom CWE-264
7.8
2013-10-01 CVE-2013-3690 Cross-Site Request Forgery (CSRF) vulnerability in Brickom products
Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users.
network
brickom CWE-352
6.8