CVE-2013-3690 Information

Description

Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap WCB-100Ap MD-100Ap WFB-100Ap OB-100Ae OSD-040E and possibly other camera models with firmware 3.1.0.8 and earlier allows remote attackers to hijack the authentication of administrators for requests that add users.

Reference

http://seclists.org/fulldisclosure/2013/Jun/84