Unknown
CVE-2023-47674
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2023-47674
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Missing authentication for critical function vulnerability in First Corporation’s DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB, MD-404AB, and MD-808AB. As for the other products, apply the workaround.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- cfr-1004ea firmware -,
- cfr-1008ea firmware -,
- cfr-1016ea firmware -,
- cfr-16eaa firmware -,
- cfr-16eab firmware -,
- cfr-16eha firmware -,
- cfr-16ehd firmware -,
- cfr-4eaa firmware -,
- cfr-4eaam firmware -,
- cfr-4eab firmware -,
- cfr-4eabc firmware -,
- cfr-4eha firmware -,
- cfr-4ehd firmware -,
- cfr-8eaa firmware -,
- cfr-8eab firmware -,
- cfr-8eha firmware -,
- cfr-8ehd firmware -,
- cfr-904e firmware -,
- cfr-908e firmware -,
- cfr-916e firmware -,
- md-404aa firmware -,
- md-404ab firmware -,
- md-404ha firmware -,
- md-404hd firmware -,
- md-808aa firmware -,
- md-808ab firmware -,
- md-808ha firmware -,
- md-808hd firmware -
Weaknesses
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
