Credential Storage Vulnerability in Samsung Web Viewer for DVR Devices
CVE-2013-3585

Currently unrated

Key Information:

Vendor: Samsung
Status: Smart Viewer
Vendor: CVE Published:; 28 August 2013

Summary

The Samsung Web Viewer for DVR devices has a significant vulnerability that involves storing user credentials in cleartext. This flaw enables context-dependent attackers to retrieve sensitive information by either gaining direct access to the file where the credentials are stored or through the user-setup web page. Consequently, this vulnerability poses a serious risk to the security and privacy of users who rely on affected DVR devices.

References

http://www.kb.cert.org/vuls/id/882286

third-party-advisoryx_refsource_CERT-VN

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 28, 2013