CVE-2013-3686

2013-10-1121:00:00

mitre

www.cve.org

cve-2013-3686

remote attackers

administrator password

cgi-bin/operator/param

camera models

AI Score

7.5

Confidence

High

EPSS

0.114

Percentile

95.3%

JSON

cgi-bin/operator/param in AirLive WL2600CAM and possibly other camera models allows remote attackers to obtain the administrator password via a list action.

References

seclists.org/fulldisclosure/2013/Jun/84