CVE-2026-50245

Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still images from the camera feed...

CVE-2026-50005

Brickcom cameras ship with default credentials that allows any unauthenticated remote attacker to silently access camera feeds...

EUVD-2026-36310

Brickcom cameras ship with default credentials that allows any unauthenticated remote attacker to silently access camera feeds...

CVE-2026-50005 Brickcom Cameras Use of Default Credentials

Brickcom cameras ship with default credentials that allows any unauthenticated remote attacker to silently access camera feeds...

CVE-2026-50005

CVE-2026-50005 affects Brickcom cameras that ship with default credentials, enabling any unauthenticated remote attacker to silently access camera feeds. The documented CVSS metrics indicate a HIGH impact with confidentiality and integrity concerns, Local attack vector, and no user interaction re...

CVE-2026-50245 Brickcom Cameras Missing Authentication for Critical Function

Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still images from the camera feed...

CVE-2026-50245

The CVE-2026-50245 entry concerns Brickcom cameras that expose live snapshot images unauthenticated through the ONVIF endpoint. The documented impact notes no authentication is required to retrieve still images from the camera feed, indicating a confidentiality and integrity risk to image data. C...

Brickcom Cameras

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to gain unauthorized access to live video feeds, retrieve sensitive visual information from affected premises, and obtain administrative control of the device. 2. RECOMMENDED PRACTICES...

PT-2026-48735

Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still images from the camera feed...

PT-2026-48734

Brickcom cameras ship with default credentials that allows any unauthenticated remote attacker to silently access camera feeds...

EUVD-2013-3622

Malware in sbrugna...

EUVD-2013-3623

Malware in sbrugna...

CVE-2013-3690

Cross-site request forgery CSRF vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that...

Weak Password Vulnerability in Brickcom Cameras at Brickcom Technologies, Inc.

Brickcom Corporation Brickcom is composed of R&D team with rich experience in surveillance industry, and develops digital surveillance products with advanced technology. Including Mega IP Camera, Wireless IP Camera, Video Server, 3G Video Transmission NVR Embedded Network DVR, CMS Client Platform...

CVE-2013-3690

Cross-site request forgery CSRF vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that...

CVE-2013-3690

CVE-2013-3690 is a CSRF vulnerability in Brickcom devices (FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E and possibly other models) whose firmware 3.1.0.8 and earlier uses the CGI endpoint cgi-bin/users.cgi to add administrators. The issue allows remote attackers to hijack admin au...

CVE-2013-3690

Cross-site request forgery CSRF vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that...