Search for vulnerabilities
| Vulnerability ID | VCID-4x6y-yrxh-23fg |
| Aliases |
CVE-2013-3564
|
| Summary | The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 4.8 |
| Risk | 2.4 |
| Affected and Fixed Packages | Package Details |
| Reference id | Reference type | URL |
|---|---|---|
| https://api.first.org/data/v1/epss?cve=CVE-2013-3564 | ||
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3564 | ||
| https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-007.txt | ||
| cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:* | https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:* | |
| CVE-2013-3564 | https://nvd.nist.gov/vuln/detail/CVE-2013-3564 |
| Exploitability (E) | Access Vector (AV) | Access Complexity (AC) | Authentication (Au) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
|---|---|---|---|---|---|---|
high functional unproven proof_of_concept not_defined |
local adjacent_network network |
high medium low |
multiple single none |
none partial complete |
none partial complete |
none partial complete |
| Attack Vector (AV) | Attack Complexity (AC) | Privileges Required (PR) | User Interaction (UI) | Scope (S) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
|---|---|---|---|---|---|---|---|
network adjacent_network local physical |
low high |
none low high |
none required |
unchanged changed |
high low none |
high low none |
high low none |
| Percentile | 0.46109 |
| EPSS Score | 0.00233 |
| Published At | July 30, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-31T10:08:15.729854+00:00 | NVD Importer | Import | https://nvd.nist.gov/vuln/detail/CVE-2013-3564 | 37.0.0 |