CVE-2023-38585

🗓️ 23 Aug 2023 02:51:09Reported by jpcertType

Improper authentication vulnerability in CBC products, allowing remote attacker to execute arbitrary OS command or alter settings. Unsupported products not updated

Reporter	Title	Published	Views	Family All 8
CNNVD	CBC AMERICA 多款产品授权问题漏洞	21 Aug 202300:00	–	cnnvd
Cvelist	CVE-2023-38585	23 Aug 202302:51	–	cvelist
EUVD	EUVD-2023-42384	3 Oct 202520:07	–	euvd
Japan Vulnerability Notes	Multiple vulnerabilities in CBC digital video recorders	22 Aug 202308:35	–	jvn
NVD	CVE-2023-38585	23 Aug 202303:15	–	nvd
Prion	Authentication flaw	23 Aug 202303:15	–	prion
Positive Technologies	PT-2023-26520 · Cbc · Cbc	22 Aug 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-38585	23 May 202502:19	–	redhatcve

NVD

Node

cbc nr4h_firmwareMatch-

AND

cbc nr4hMatch-

Node

cbc nr8h_firmwareMatch-

AND

cbc nr8hMatch-

Node

cbc nr16h_firmwareMatch-

AND

cbc nr16hMatch-

Node

cbc dr-16f42a_firmwareMatch-

AND

cbc dr-16f42aMatch-

Node

cbc dr-16f45at_firmwareMatch-

AND

cbc dr-16f45atMatch-

Node

cbc dr-8f42a_firmwareMatch-

AND

cbc dr-8f42aMatch-

Node

cbc dr-8f45at_firmwareMatch-

AND

cbc dr-8f45atMatch-

Node

cbc dr-4fx1_firmwareMatch-

AND

cbc dr-4fx1Match-

Node

cbc dr-16h_firmwareMatch-

AND

cbc dr-16hMatch-

Node

cbc dr-8h_firmwareMatch-

AND

cbc dr-8hMatch-

Node

cbc dr-4h_firmwareMatch-

AND

cbc dr-4hMatch-

Node

cbc drh8-4m41-a_firmwareMatch-

AND

cbc drh8-4m41-aMatch-

Node

cbc nr8-4m71_firmwareMatch-

AND

cbc nr8-4m71Match-

Node

cbc nr8-8m72_firmwareMatch-

AND

cbc nr8-8m72Match-

Node

cbc nr-16m_firmwareMatch-

AND

cbc nr-16mMatch-

Node

cbc nr-16f85-8pra_firmwareMatch-

AND

cbc nr-16f85-8praMatch-

Node

cbc nr-16f82-16p_firmwareMatch-

AND

cbc nr-16f82-16pMatch-

Node

cbc nr-4f_firmwareMatch-

AND

cbc nr-4fMatch-

Node

cbc nr-8f_firmwareMatch-

AND

cbc nr-8fMatch-

Node

cbc dr-16m52_firmwareMatch-

AND

cbc dr-16m52Match-

Node

cbc dr-16m52-av_firmwareMatch-

AND

cbc dr-16m52-avMatch-

Node

cbc dr-8m52-av_firmwareMatch-

AND

cbc dr-8m52-avMatch-

Node

cbc dr-4m51-av_firmwareMatch-

AND

cbc dr-4m51-avMatch-

[
  {
    "vendor": "CBC Co.,Ltd.",
    "product": "NR4H, NR8H, NR16H series",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "CBC Co.,Ltd.",
    "product": "DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "CBC Co.,Ltd.",
    "product": "NR-4M, NR-8M, NR-16M series",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "CBC Co.,Ltd.",
    "product": "NR-4F, NR-8F, NR-16F series",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "CBC Co.,Ltd.",
    "product": "DR-16M, DR-8M, DR-4M51 series",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  }
]

Source	Link
download	www.download.ganzsecurity.pl/
jvn	www.jvn.jp/en/vu/JVNVU92545432/
ganzsecurity	www.ganzsecurity.com/release/1578/digimasterpixelmaster-security-notice

21 Nov 2024 08:13Current

8.7High risk

Vulners AI Score8.7

CVSS 3.18.8

EPSS0.02009

CWE-287