CVE-2013-3689
Summary
| CVE | CVE-2013-3689 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2013-10-04 23:55:03 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
CompleteIntegrity
NoneAvailability
NoneAV:N/AC:L/Au:N/C:C/I:N/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Brickcom | 100ap Device Firmware | All | All | All | All |
| Hardware | Brickcom | Fb-100ap | - | All | All | All |
| Hardware | Brickcom | Md-100ap | - | All | All | All |
| Hardware | Brickcom | Ob-100ae | - | All | All | All |
| Hardware | Brickcom | Osd-040e | - | All | All | All |
| Hardware | Brickcom | Wcb-100ap | - | All | All | All |
| Hardware | Brickcom | Wfb-100ap | - | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Full Disclosure: Security Analysis of IP video surveillance cameras | af854a3a-2127-422b-91ae-364da2661108 | seclists.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.