CVE-2013-3539
Last modified
CVE-2013-3539 is a vulnerability of currently unknown severity. Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users.. EPSS estimates a 6.30% chance of exploitation in the next 30 days.
Description
Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ovislink | Airlive Wl2600cam | All versions |
| Sony | Snc Ch140 | All versions |
| Sony | Snc Ch180 | All versions |
| Sony | Snc Ch240 | All versions |
| Sony | Snc Ch280 | All versions |
| Sony | Snc Dh140 | All versions |
| Sony | Snc Dh140t | All versions |
| Sony | Snc Dh180 | All versions |
| Sony | Snc Dh240 | All versions |
| Sony | Snc Dh240t | All versions |
| Sony | Snc Dh280 | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-3539?
How severe is CVE-2013-3539?
How do I fix CVE-2013-3539?
Are you affected by CVE-2013-3539?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST