Improper Access Restriction in Brickcom Camera Models: Disclosure of Sensitive Information

Improper Access Restriction in Brickcom Camera Models: Disclosure of Sensitive Information

CVE-2013-3689 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:N/A:N

Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action.

Learn more about our User Device Pen Test.