The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi. NOTE: cleartext passwords can also be obtained from proc/kcore when leveraging the directory traversal vulnerability in CVE-2013-3311.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-11-21T19:39:23

Updated: 2024-08-06T16:07:36.912Z

Reserved: 2013-04-30T00:00:00

Link: CVE-2013-3313

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2019-11-21T20:15:15.363

Modified: 2019-11-27T15:51:22.970

Link: CVE-2013-3313

cve-icon Redhat

No data.