CVE-2013-3540

Ovislink Airlive Od-2025hd - CSRF

Title source: rule

Description

Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/usrgrp.cgi in AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users.

Exploits (1)

exploitdb WORKING POC

webappshardware

https://www.exploit-db.com/exploits/26174

View Code ZIP pw:eip

References (1)

[Exploit] http://seclists.org/fulldisclosure/2013/Jun/84

Scores

EPSS 0.0037

EPSS Percentile 59.2%

Details

CWE

CWE-352

Status published

Products (6)

ovislink/airlive_od-2025hd

ovislink/airlive_od-2060hd

ovislink/airlive_poe100hd

ovislink/airlive_poe200hd

ovislink/airlive_poe250hd

ovislink/airlive_poe2600hd

Published Oct 04, 2013

Tracked Since Feb 18, 2026