Vulnerabilities > Brickom > 100Ap Device Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-10-04 | CVE-2013-3689 | Permissions, Privileges, and Access Controls vulnerability in Brickom products Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action. | 7.8 |
2013-10-01 | CVE-2013-3690 | Cross-Site Request Forgery (CSRF) vulnerability in Brickom products Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users. | 6.8 |