Brickcom 100Ap Device Firmware vulnerabilities
2 known vulnerabilities affecting brickcom/100ap_device_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2013-3690P3MEDIUMCVSS 6.8PoCv3.1.0.82013-10-01
CVE-2013-3690 [MEDIUM] CWE-352 CVE-2013-3690: Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap
Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users.
nvd
CVE-2013-3689P4HIGHCVSS 7.8≤ 3.0.6.16c12013-10-04
CVE-2013-3689 [HIGH] CWE-264 CVE-2013-3689: Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera mod
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action.
nvd