High severity8.1NVD Advisory· Published Jan 28, 2020· Updated Jun 16, 2026
CVE-2013-4862
CVE-2013-4862
Description
MiCasaVerde VeraLite with firmware 1.5.408 does not properly restrict access, which allows remote authenticated users to (1) update the firmware via the squashfs parameter to upgrade_step2.sh or (2) obtain hashed passwords via the cgi-bin/cmh/backup.sh page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- MiCasaVerde/VeraLitedescription
- Range: 1.5.408
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/122654/MiCasaVerde-VeraLite-1.5.408-Traversal-Authorization-CSRF-Disclosure.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/27286nvdExploitThird Party AdvisoryVDB Entry
- www3.trustwave.com/spiderlabs/advisories/TWSL2013-019.txtnvdExploit
News mentions
0No linked articles in our index yet.