Unrated severityNVD Advisory· Published Oct 1, 2013· Updated Apr 29, 2026

CVE-2013-3539

Description

Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users.

Affected products

Ovislink/Airlive Wl2600cam
cpe:2.3:h:ovislink:airlive_wl2600cam:-:*:*:*:*:*:*:*
Sony/Snc Ch140
cpe:2.3:h:sony:snc_ch140:-:*:*:*:*:*:*:*
Sony/Snc Ch180
cpe:2.3:h:sony:snc_ch180:-:*:*:*:*:*:*:*
Sony/Snc Ch240
cpe:2.3:h:sony:snc_ch240:-:*:*:*:*:*:*:*
Sony/Snc Ch280
cpe:2.3:h:sony:snc_ch280:-:*:*:*:*:*:*:*
Sony/Snc Dh140
cpe:2.3:h:sony:snc_dh140:-:*:*:*:*:*:*:*
Sony/Snc Dh140t
cpe:2.3:h:sony:snc_dh140t:-:*:*:*:*:*:*:*
Sony/Snc Dh180
cpe:2.3:h:sony:snc_dh180:-:*:*:*:*:*:*:*
Sony/Snc Dh240
cpe:2.3:h:sony:snc_dh240:-:*:*:*:*:*:*:*
Sony/Snc Dh240t
cpe:2.3:h:sony:snc_dh240t:-:*:*:*:*:*:*:*
Sony/Snc Dh280
cpe:2.3:h:sony:snc_dh280:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/fulldisclosure/2013/Jun/84nvdExploit

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000