CVE-2013-3690

Brickcom 100ap Device Firmware - CSRF

Title source: rule

Description

Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Castillo · htmlremotehardware
https://www.exploit-db.com/exploits/38582

References (1)

Scores

EPSS 0.0139
EPSS Percentile 80.4%

Details

CWE
CWE-352
Status published
Products (7)
brickcom/100ap_device_firmware 3.1.0.8
brickcom/fb-100ap
brickcom/md-100ap
brickcom/ob-100ae
brickcom/osd-040e
brickcom/wcb-100ap
brickcom/wfb-100ap
Published Oct 01, 2013
Tracked Since Feb 18, 2026