Lucene search

[email protected]NVD:CVE-2023-30766

HistoryJun 13, 2023 - 10:15 a.m.

CVE-2023-30766

2023-06-1310:15:10

[email protected]

web.nvd.nist.gov

hidden functionality

kb-ahr series

kb-irip series

arbitrary os command

device settings

vulnerability

affected products

security issue

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.003

Percentile

67.9%

JSON

Hidden functionality issue exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78, KB-AHR08D versions prior to 91210.1.101106.78, KB-AHR16D versions prior to 91310.1.101106.78, KB-IRIP04A versions prior to 95110.1.100290.78A, KB-IRIP08A versions prior to 95210.1.100290.78A, and KB-IRIP16A versions prior to 95310.1.100290.78A.

Affected configurations

Nvd

Node

kbdevicekb-ahr04d_firmwareRange<91110.1.101106.78

AND

kbdevicekb-ahr04dMatch-

Node

kbdevicekb-ahr08d_firmwareRange<91210.1.101106.78

AND

kbdevicekb-ahr08dMatch-

Node

kbdevicekb-ahr16d_firmwareRange<91310.1.101106.78

AND

kbdevicekb-ahr16dMatch-

Node

kbdevicekb-irip04a_firmwareRange<95110.1.100290.78a

AND

kbdevicekb-irip04aMatch-

Node

kbdevicekb-irip08a_firmwareRange<95210.1.100290.78a

AND

kbdevicekb-irip08aMatch-

Node

kbdevicekb-irip16a_firmwareRange<95310.1.100290.78a

AND

kbdevicekb-irip16aMatch-

VendorProductVersionCPE
kbdevicekb-ahr04d_firmware*cpe:2.3:o:kbdevice:kb-ahr04d_firmware:*:*:*:*:*:*:*:*
kbdevicekb-ahr04d-cpe:2.3:h:kbdevice:kb-ahr04d:-:*:*:*:*:*:*:*
kbdevicekb-ahr08d_firmware*cpe:2.3:o:kbdevice:kb-ahr08d_firmware:*:*:*:*:*:*:*:*
kbdevicekb-ahr08d-cpe:2.3:h:kbdevice:kb-ahr08d:-:*:*:*:*:*:*:*
kbdevicekb-ahr16d_firmware*cpe:2.3:o:kbdevice:kb-ahr16d_firmware:*:*:*:*:*:*:*:*
kbdevicekb-ahr16d-cpe:2.3:h:kbdevice:kb-ahr16d:-:*:*:*:*:*:*:*
kbdevicekb-irip04a_firmware*cpe:2.3:o:kbdevice:kb-irip04a_firmware:*:*:*:*:*:*:*:*
kbdevicekb-irip04a-cpe:2.3:h:kbdevice:kb-irip04a:-:*:*:*:*:*:*:*
kbdevicekb-irip08a_firmware*cpe:2.3:o:kbdevice:kb-irip08a_firmware:*:*:*:*:*:*:*:*
kbdevicekb-irip08a-cpe:2.3:h:kbdevice:kb-irip08a:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kbdevice	kb-ahr04d_firmware	*	cpe:2.3:o:kbdevice:kb-ahr04d_firmware::::::::
kbdevice	kb-ahr04d	-	cpe:2.3:h:kbdevice:kb-ahr04d:-:::::::*
kbdevice	kb-ahr08d_firmware	*	cpe:2.3:o:kbdevice:kb-ahr08d_firmware::::::::
kbdevice	kb-ahr08d	-	cpe:2.3:h:kbdevice:kb-ahr08d:-:::::::*
kbdevice	kb-ahr16d_firmware	*	cpe:2.3:o:kbdevice:kb-ahr16d_firmware::::::::
kbdevice	kb-ahr16d	-	cpe:2.3:h:kbdevice:kb-ahr16d:-:::::::*
kbdevice	kb-irip04a_firmware	*	cpe:2.3:o:kbdevice:kb-irip04a_firmware::::::::
kbdevice	kb-irip04a	-	cpe:2.3:h:kbdevice:kb-irip04a:-:::::::*
kbdevice	kb-irip08a_firmware	*	cpe:2.3:o:kbdevice:kb-irip08a_firmware::::::::
kbdevice	kb-irip08a	-	cpe:2.3:h:kbdevice:kb-irip08a:-:::::::*

Rows per page:

1-10 of 121

References

jvn.jp/en/vu/JVNVU90812349/

www.kbdevice.com/news/%e3%83%ac%e3%82%b3%e3%83%bc%e3%83%80%e3%83%bc%e3%81%ae%e3%83%8d%e3%83%83%e3%83%88%e3%83%af%e3%83%bc%e3%82%af%e6%94%bb%e6%92%83%e3%81%ab%e5%af%be%e3%81%99%e3%82%8b%e3%82%a2%e3%83%83%e3%83%97%e3%83%87/

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.003

Percentile

67.9%

JSON

Related for NVD:CVE-2023-30766

prion1 cvelist1 cve1