CVE-2023-27388

2023-05-2300:00:00

jpcert

www.cve.org

improper authentication

t&d corporation

espec mic corp.

data logger

remote attacker

unauthenticated

firmware versions

9.8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.2%

JSON

Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker to login to the product as a registered user. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions).

CNA Affected

[
  {
    "vendor": "T&D Corporation and ESPEC MIC CORP.",
    "product": "T&D Corporation and ESPEC MIC CORP. data logger products",
    "versions": [
      {
        "version": "T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions)",
        "status": "affected"
      }
    ]
  }
]