29 matches found
Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors
Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30 vendors. The activity, described as akin to an "exploit shotgun" approach, has singled out a wide range of internet-exposed infrastructure, including...
EUVD-2013-3622
Malware in sbrugna...
EUVD-2013-3623
Malware in sbrugna...
CVE-2013-3690
Cross-site request forgery CSRF vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that...
Weak password vulnerability in Brickcom-MD-300Np-360P
Brickcom Corporation Brickcom is composed of R&D team with rich experience in surveillance industry, and develops digital surveillance products with advanced technology. Including Mega IP Camera, Wireless IP Camera, Video Server, 3G Video Transmission NVR Embedded Network DVR, CMS Client Platform...
Weak Password Vulnerability in Brickcom FB-200Np Camera
BRICS Communications Technology is a leading global provider of network video solutions. A weak password vulnerability exists in the Brickcom FB-200Np camera, which can be exploited by attackers to obtain sensitive information...
Brickcom FB-200Np Camera Has Logic Flaw Vulnerability
Based in Taiwan, Brickcom is committed to developing a full range of security monitoring system products and has established its own brand "Brickcom", which has established a comprehensive distribution system in America, Europe, Asia and New Zealand and Australia. A logic flaw exists in the...
Weak Password Vulnerability in Brickcom Cameras at Brickcom Technologies, Inc.
Brickcom Corporation Brickcom is composed of R&D team with rich experience in surveillance industry, and develops digital surveillance products with advanced technology. Including Mega IP Camera, Wireless IP Camera, Video Server, 3G Video Transmission NVR Embedded Network DVR, CMS Client Platform...
Brickcom Network Camera Default Credentials (HTTP)
The remote Brickcom IP camera is using known default credentials for the HTTP login. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Brickcom Network Camera Detection (HTTP)
Detection of Brickcom Network Camera devices. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Brickcom IP Camera - Credentials Disclosure Vulnerability
Exploit for hardware platform in category web applications 1. Advisory Information ======================================== Title: Brickcom IP-Camera Remote Credentials and Settings Disclosure Vendor Homepage: http://www.brickcom.com Tested on Camera types: WCB-040Af, WCB-100A, WCB-100Ae, OB-302N...
Brickcom IP Camera - Credentials Disclosure
Advisory Information ======================================== Title: Brickcom IP-Camera Remote Credentials and Settings Disclosure Vendor Homepage: http://www.brickcom.com Tested on Camera types: WCB-040Af, WCB-100A, WCB-100Ae, OB-302Np, OB-300Af, OB-500Af Remotely Exploitable: Yes...
Brickcom IP Camera - Credentials Disclosure
Brickcom IP Camera - Credentials Disclosure 1. Advisory Information ======================================== Title: Brickcom IP-Camera Remote Credentials and Settings Disclosure Vendor Homepage: http://www.brickcom.com Tested on Camera types: WCB-040Af, WCB-100A, WCB-100Ae, OB-302Np, OB-300Af,...
Brickcom Network Cameras Multiple Vulnerabilities (Dec 2015) - Active Check
Brickcom Network Camera devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...
Brickcom Corporation Network Cameras - Multiple Vulnerabilities
Exploit for hardware platform in category web applications Adivisory Information ===================== Vendor: Brickcom Corporation CVE-Number:N/A Adivisory-URL: http://www.orwelllabs.com/2016/04/Brickcom-Multiple-Vulnerabilities.html OLSA-ID: OLSA-2015-12-12 Impact: High especially because some ...
Brickcom Corporation Network Cameras - Multiple Vulnerabilities
| | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | | | | \ V V / / | | | | | | \ \ /|| // ||||,|./|/ Security Adivisory 2016-04-12 www.orwelllabs.com twt:@orwelllabs sm1thw@0rw3lll4bs:/bb ./Bruce.S + surveillance is the business model of the internet - OK! sm1thw@0rw3lll4bs:/bb echo $?...
Brickcom Network Cameras XSS / CSRF / Insecure Direct Object Reference
| | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | | | | \ V V / / | | | | | | \ \ /|| // ||||,|./|/ Security Adivisory 2016-04-12 www.orwelllabs.com twt:@orwelllabs sm1thw@0rw3lll4bs:/bb ./Bruce.S + surveillance is the business model of the internet - OK! sm1thw@0rw3lll4bs:/bb echo $?...
Brickcom Corporation Network Cameras - Multiple Vulnerabilities
Brickcom Corporation Network Cameras - Multiple Vulnerabilities | | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | | | | \ V V / / | | | | | | \ \ /|| // ||||,|./|/ Security Adivisory 2016-04-12 www.orwelllabs.com twt:@orwelllabs sm1thw@0rw3lll4bs:/bb ./Bruce.S + surveillance is the...
CVE-2013-3689
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information user names, passwords, and configurations...
Design/Logic Flaw
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information user names, passwords, and configurations...