Brickcom
Products
8- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-50245 | Hig | 0.50 | 7.7 | 0.00 | Jun 11, 2026 | Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still images from the camera feed. | ||
| CVE-2026-50005 | Hig | 0.50 | 7.7 | 0.00 | Jun 11, 2026 | Brickcom cameras ship with default credentials that allows any unauthenticated remote attacker to silently access camera feeds. | ||
| CVE-2013-3690 | 0.04 | — | 0.12 | Oct 1, 2013 | Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of… | |||
| CVE-2013-3689 | 0.00 | — | 0.01 | Oct 4, 2013 | Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords,… |
- risk 0.50cvss 7.7epss 0.00
Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still images from the camera feed.
- risk 0.50cvss 7.7epss 0.00
Brickcom cameras ship with default credentials that allows any unauthenticated remote attacker to silently access camera feeds.
- CVE-2013-3690Oct 1, 2013risk 0.04cvss —epss 0.12
Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of…
- CVE-2013-3689Oct 4, 2013risk 0.00cvss —epss 0.01
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords,…