The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi. NOTE: cleartext passwords can also be obtained from proc/kcore when leveraging the directory traversal vulnerability in CVE-2013-3311.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-11-21T19:39:23

Updated: 2024-08-06T16:07:36.912Z

Reserved: 2013-04-30T00:00:00

Link: CVE-2013-3313

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-11-21T20:15:15.363

Modified: 2024-11-21T01:53:21.513

Link: CVE-2013-3313

cve-icon Redhat

No data.