Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2013/Jun/84 | Exploit |
http://seclists.org/fulldisclosure/2013/Jun/84 | Exploit |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:53
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2013/Jun/84 - Exploit |
Information
Published : 2013-10-01 19:55
Updated : 2024-11-21 01:53
NVD link : CVE-2013-3539
Mitre link : CVE-2013-3539
CVE.ORG link : CVE-2013-3539
JSON object : View
Products Affected
sony
- snc_dh180
- snc_dh140t
- snc_dh240
- snc_dh240t
- snc_ch140
- snc_ch180
- snc_ch280
- snc_dh140
- snc_ch240
- snc_dh280
ovislink
- airlive_wl2600cam
CWE
CWE-352
Cross-Site Request Forgery (CSRF)