Unrated severityNVD Advisory· Published Oct 4, 2013· Updated Apr 29, 2026

CVE-2013-3540

Description

Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/usrgrp.cgi in AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users.

Affected products

Ovislink/Airlive Od 2025hd
cpe:2.3:h:ovislink:airlive_od-2025hd:-:*:*:*:*:*:*:*
Ovislink/Airlive Od 2060hd
cpe:2.3:h:ovislink:airlive_od-2060hd:-:*:*:*:*:*:*:*
Ovislink/Airlive Poe100hd
cpe:2.3:h:ovislink:airlive_poe100hd:-:*:*:*:*:*:*:*
Ovislink/Airlive Poe200hd
cpe:2.3:h:ovislink:airlive_poe200hd:-:*:*:*:*:*:*:*
Ovislink/Airlive Poe250hd
cpe:2.3:h:ovislink:airlive_poe250hd:-:*:*:*:*:*:*:*
Ovislink/Airlive Poe2600hd
cpe:2.3:h:ovislink:airlive_poe2600hd:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/fulldisclosure/2013/Jun/84nvdExploit

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000