Vulnerability Details : CVE-2023-30467
This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to improper authorization at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http requests on the targeted device.
Successful exploitation of this vulnerability could allow remote attacker to perform unauthorized activities on the targeted device.
Published
2023-04-28 11:15:09
Updated
2023-05-05 17:57:32
Vulnerability category: XML external entity (XXE) injectionBypassGain privilege
Products affected by CVE-2023-30467
- cpe:2.3:o:milesight:ms-n5008-uc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n1008-unc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n1008-uc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n1004-uc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n5016-e_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n5008-e_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n7016-uh_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n7032-uh_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n8064-uh_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n8032-uh_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n1004-upc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n1008-upc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n1008-unpc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n5008-upc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n5016-pe_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n5008-pe_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n7016-uph_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n7032-uph_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-n7048-uph_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-nxxxx-xxg_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:milesight:ms-nxxxx-xxt_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-30467
0.27%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 50 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-30467
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST | |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
Indian Computer Emergency Response Team (CERT-In) |
CWE ids for CVE-2023-30467
-
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.Assigned by: vdisclose@cert-in.org.in (Secondary)
-
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-30467
-
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0121
Cert-In - Home PageThird Party Advisory
Jump to