BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Brickcom Network Cameras Multiple Vulnerabilities

Disclosed June 12, 2013    Zeroday : 446 days

Vulnerability Description:

Brickcom surveillance products use firmware that contain multiple vulnerabilities that a remote attacker may leverage to gain access to sensitive information, elevate privileges, or perform cross-site request forgery attacks.

Vendors:

Brickcom

Vulnerable Software/Devices:

Brickcom FB-100Ap, WCB-100Apm, MD-100Apm, WFB-100Ap, OB-100AE, OSD-040e, with firmware versions v3.0.6.7, v3.0.6.12, v3.0.6.16C1,  v3.1.0.8, v3.1.0.4. Older versions of the firmwares may be affected. 

Vulnerability Severity:

Medium

Exploit Availability:

Publicly Available

Exploit Impact:

Elevation of Privilege
An attacker may be able to view and modify information that is supposed to only be available to an administrator user. An attacker can use this to gain access to the device with elevated privileges.

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

  • 19754 - Brickcom Network Cameras Multiple Vulnerabilities (Zero-Day)

Mitigation:

No mitigations currently available.

Links:

CVE(s):