CVE-2013-3690
Last modified
CVE-2013-3690 is a vulnerability of currently unknown severity. Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users.. EPSS estimates a 12.38% chance of exploitation in the next 30 days.
Description
Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Brickcom | 100ap Device Firmware | 3.1.0.8 |
| Brickcom | Fb-100ap | All versions |
| Brickcom | Md-100ap | All versions |
| Brickcom | Ob-100ae | All versions |
| Brickcom | Osd-040e | All versions |
| Brickcom | Wcb-100ap | All versions |
| Brickcom | Wfb-100ap | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-3690?
How severe is CVE-2013-3690?
How do I fix CVE-2013-3690?
Are you affected by CVE-2013-3690?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST