CVE-2013-3689

Published: Oct 4, 2013Modified: Apr 29, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action.

Affected (7)

Products: Brickcom: 100ap Device Firmware, Fb 100ap, Md 100ap, Ob 100ae, Osd 040e, Wcb 100ap, Wfb 100ap

Brickcom

7 products

100ap Device Firmware

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Brickcom 100ap Device Firmware	Up to 3.0.6.16c1
Brickcom Fb 100ap	All versions
Brickcom Md 100ap	All versions
Brickcom Ob 100ae	All versions
Brickcom Osd 040e	All versions
Brickcom Wcb 100ap	All versions
Brickcom Wfb 100ap	All versions

Related CWEs

CWE-264

References (2)

http://seclists.org/fulldisclosure/2013/Jun/84

Source: cve@mitre.org

http://seclists.org/fulldisclosure/2013/Jun/84

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.