Incorrect Access Control in getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166
CVE-2018-3813 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request.
Learn more about our User Device Pen Test.