CVE-2013-3586
published 2013-08-28

CVE-2013-3586: Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie.

Priority: P2 · 64 · high
CVSS 2.0: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)
EXPLOIT
EPSS: 11.61% (95.5th percentile)

Detection & IOCs (extracted from sources)

cookie: SessionID=<arbitrary value>
url: http://<target>/cgi-bin/setup_user
  • Monitor HTTP requests to /cgi-bin/setup_user on Samsung DVR Web Viewer instances; unauthenticated or anomalous access to this endpoint indicates exploitation of the authentication bypass.
  • Detect authentication bypass attempts by inspecting cookies for a SessionID field set to arbitrary/non-issued values on Samsung DVR Web Viewer login flows.
  • Vulnerability affects Samsung DVR devices running firmware version 1.10; scope of affected firmware versions beyond 1.10 is not confirmed in available sources.
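
The two monitoring points above combined into one check, as an added example that is not taken from the sources this page cites: it flags requests to /cgi-bin/setup_user that carry no SessionID cookie or a SessionID the device never handed out. The tab-separated reverse-proxy log format, the /cgi-bin/login path and the sample records are constructed assumptions.

```python
"""Flag /cgi-bin/setup_user requests whose SessionID the DVR never issued."""

SETUP_PATH = "/cgi-bin/setup_user"

# Constructed sample records in a hypothetical reverse-proxy format:
# time, client, method, path, request Cookie header, response Set-Cookie header
# (tab-separated, "-" for an absent header; /cgi-bin/login is a hypothetical path).
SAMPLE_LOG = "\n".join([
    "10:00:01\t192.0.2.10\tPOST\t/cgi-bin/login\t-\tSessionID=7f3a9c21; Path=/",
    "10:00:05\t192.0.2.10\tGET\t/cgi-bin/setup_user\tlang=en; SessionID=7f3a9c21\t-",
    "10:02:40\t198.51.100.7\tGET\t/cgi-bin/setup_user\tSessionID=AAAA\t-",
    "10:02:44\t198.51.100.7\tGET\t/cgi-bin/setup_user?x=1\t-\t-",
    "10:03:00\t198.51.100.7\tGET\t/index.html\tSessionID=AAAA\t-",
])


def session_id(header):
    """Return the SessionID value from a Cookie or Set-Cookie header, or None."""
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name == "SessionID":
            return value
    return None


def find_bypass_attempts(log_text):
    """Return (time, client, session_id, reason) for suspicious setup_user hits."""
    issued = set()   # SessionID values seen in the device's Set-Cookie responses
    alerts = []
    for line in log_text.splitlines():
        fields = line.split("\t")
        if len(fields) != 6:
            continue  # skip malformed records rather than guessing at them
        ts, client, _method, path, cookie, set_cookie = fields
        if path.split("?", 1)[0] == SETUP_PATH:
            sid = session_id(cookie)
            if sid is None:
                alerts.append((ts, client, None, "no SessionID cookie"))
            elif sid not in issued:
                alerts.append((ts, client, sid, "SessionID never issued by device"))
        # The response follows the request, so record issued values afterwards.
        new_sid = session_id(set_cookie)
        if new_sid:
            issued.add(new_sid)
    return alerts


if __name__ == "__main__":
    for alert in find_bypass_attempts(SAMPLE_LOG):
        print(alert)
```

The log window has to begin before any live session was issued; otherwise sessions that predate the window are reported as never issued.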