11 matches found
Brickstream 2300 Device Information Disclosure Vulnerability
The Brickstream 2300 devices is a passenger flow counting and analyzing sensor device. A security vulnerability exists in the Brickstream 2300 device. A remote attacker can exploit this vulnerability by sending a direct request to the basic.htmlipsettings or basic.htmldatadelivery URIs to obtain...
Information disclosure
Brickstream 2300 devices allow remote attackers to obtain potentially sensitive information via a direct request for the basic.htmlipsettings or basic.htmldatadelivery URI...
CVE-2018-12920
Brickstream 2300 devices allow remote attackers to obtain potentially sensitive information via a direct request for the basic.htmlipsettings or basic.htmldatadelivery URI...
CVE-2018-12920
The CVE-2018-12920 entry concerns Brickstream 2300 devices. Affected component: the device’s HTTP endpoints exposed via the URIs basic.html#ipsettings and basic.html#datadelivery. Root cause: information disclosure allowing remote attackers to obtain potentially sensitive information by directly ...
CVE-2018-12920
Brickstream 2300 devices allow remote attackers to obtain potentially sensitive information via a direct request for the basic.htmlipsettings or basic.htmldatadelivery URI...
FLIR Brickstream 2300 Access Control Error Vulnerability
The FLIR Brickstream 2300 is a customer flow analysis and statistics device from FLIR Canada. An access control error vulnerability exists in the getConfigExportFile.cgi file in the FLIR Brickstream 2300 version 2.0 4.1.53.166. An attacker could exploit this vulnerability to obtain information...
Design/Logic Flaw
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVIUSERID and AVIUSERPASSWORD fields via a direct request...
CVE-2018-3813
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVIUSERID and AVIUSERPASSWORD fields via a direct request...
CVE-2018-3813
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVIUSERID and AVIUSERPASSWORD fields via a direct request...
CVE-2018-3813
The CVE-2018-3813 entry applies to FLIR Brickstream 2300 devices, where the getConfigExportFile.cgi interface exposes an incorrect access control vulnerability. The affected component is the getConfigExportFile.cgi handler on Brickstream 2300 devices version 2.0 with firmware 4.1.53.166, enabling...
CVE-2018-3813
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVIUSERID and AVIUSERPASSWORD fields via a direct request...