Vulnerability Details CVE-2018-3813
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
References
Products affected by CVE-2018-3813
-
cpe:2.3:h:flir:brickstream_2300_2d:-
-
cpe:2.3:h:flir:brickstream_2300_3d+:-
-
cpe:2.3:h:flir:brickstream_2300_3d:-
-
cpe:2.3:o:flir:brickstream_2300_2d_firmware:2.0_4.1.53.166
-
cpe:2.3:o:flir:brickstream_2300_3d+_firmware:2.0_4.1.53.166
-
cpe:2.3:o:flir:brickstream_2300_3d_firmware:2.0_4.1.53.166