Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJpcertCVELIST:CVE-2023-47674
HistoryNov 16, 2023 - 7:28 a.m.

CVE-2023-47674

2023-11-1607:28:38
jpcert
www.cve.org
7
first corporation
dvrs
critical function
vulnerability
remote unauthorized access
configuration information
updates
late model
cfr-4eabc
cfr-4eab
cfr-8eab
cfr-16eab
md-404ab
md-808ab
workaround

AI Score

9.7

Confidence

High

EPSS

0.001

Percentile

43.4%

JSON

Missing authentication for critical function vulnerability in First Corporation’s DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB, MD-404AB, and MD-808AB. As for the other products, apply the workaround.

CNA Affected

[
  {
    "vendor": "First Co., Ltd.",
    "product": "CFR-904E, CFR-908E, CFR-916E",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "First Co., Ltd.",
    "product": "CFR-4EHD, CFR-8EHD, CFR-16EHD",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "First Co., Ltd.",
    "product": "CFR-4EHA, CFR-8EHA, CFR-16EHA",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "First Co., Ltd.",
    "product": "CFR-4EAAM, CFR-4EABC",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "First Co., Ltd.",
    "product": "CFR-4EAA, CFR-8EAA, CFR-16EAA",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "First Co., Ltd.",
    "product": "CFR-4EAB, CFR-8EAB, CFR-16EAB",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "First Co., Ltd.",
    "product": "CFR-1004EA, CFR-1008EA, CFR-1016EA",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "First Co., Ltd.",
    "product": "MD-404HD, MD-808HD",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "First Co., Ltd.",
    "product": "MD-404HA, MD-808HA",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "First Co., Ltd.",
    "product": "MD-404AA, MD-808AA",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "First Co., Ltd.",
    "product": "MD-404AB, MD-808AB",
    "versions": [
      {
        "version": "firmware all versions",
        "status": "affected"
      }
    ]
  }
]

Related

nvd 1
prion 1
cve 1
nvd
nvd
CVE-2023-47674
2023-11-16 08:15:33
prion
prion
Authentication flaw
2023-11-16 08:15:00
cve
cve
CVE-2023-47674
2023-11-16 08:15:33

AI Score

9.7

Confidence

High

EPSS

0.001

Percentile

43.4%

JSON
Related for CVELIST:CVE-2023-47674
nvd1prion1cve1