Improper Access Restriction in Brickcom Camera Models: Disclosure of Sensitive Information
CVE-2013-3689 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:N/A:N
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action.
Learn more about our User Device Pen Test.