CVE-2013-3539

Ovislink Airlive Wl2600cam - CSRF

Title source: rule

Description

Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Castillo · htmlremotehardware

https://www.exploit-db.com/exploits/38583

View Code ZIP pw:eip

References (1)

[Exploit] http://seclists.org/fulldisclosure/2013/Jun/84

Scores

EPSS 0.0143

EPSS Percentile 80.7%

Details

CWE

CWE-352

Status published

Products (11)

ovislink/airlive_wl2600cam

sony/snc_ch140

sony/snc_ch180

sony/snc_ch240

sony/snc_ch280

sony/snc_dh140

sony/snc_dh140t

sony/snc_dh180

sony/snc_dh240

sony/snc_dh240t

... and 1 more

Published Oct 01, 2013

Tracked Since Feb 18, 2026