CVE-2023-48121
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
38.3%
An authentication bypass vulnerability in the Direct Connection Module in Ezviz CS-C6N-xxx prior to v5.3.x build 20230401, Ezviz CS-CV310-xxx prior to v5.3.x build 20230401, Ezviz CS-C6CN-xxx prior to v5.3.x build 20230401, Ezviz CS-C3N-xxx prior to v5.3.x build 20230401 allows remote attackers to obtain sensitive information by sending crafted messages to the affected devices.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ezviz | cs-c6n-a0-1c2wfr | - | cpe:2.3:h:ezviz:cs-c6n-a0-1c2wfr:-:*:*:*:*:*:*:* |
| ezviz | cs-c6n-a0-1c2wfr_firmware | - | cpe:2.3:o:ezviz:cs-c6n-a0-1c2wfr_firmware:-:*:*:*:*:*:*:* |
| ezviz | cs-cv310-a0-1c2wfr | - | cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr:-:*:*:*:*:*:*:* |
| ezviz | cs-cv310-a0-1c2wfr_firmware | - | cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr_firmware:-:*:*:*:*:*:*:* |
| ezviz | cs-c6cn-a0-3h2wfr | - | cpe:2.3:h:ezviz:cs-c6cn-a0-3h2wfr:-:*:*:*:*:*:*:* |
| ezviz | cs-c6cn-a0-3h2wfr_firmware | - | cpe:2.3:o:ezviz:cs-c6cn-a0-3h2wfr_firmware:-:*:*:*:*:*:*:* |
| ezviz | cs-c3n-a0-3h2wfrl | - | cpe:2.3:h:ezviz:cs-c3n-a0-3h2wfrl:-:*:*:*:*:*:*:* |
| ezviz | cs-c3n-a0-3h2wfrl_firmware | - | cpe:2.3:o:ezviz:cs-c3n-a0-3h2wfrl_firmware:-:*:*:*:*:*:*:* |
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
38.3%