CVE-2013-3689

Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action.

FULLDISC: http://seclists.org/fulldisclosure/2013/Jun/84
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3689

8 years
235 countries
280k users
1718k calculations
Logo www.a1securitycameras.com
Logo www.i4wifi.cz
Logo blog.camcloud.com
Logo www.inv-technology.com
Logo www.kelcom.cz
Logo reolink.com