Vulnerability Description
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command injection vulnerability in their implementation of their binaries and handling of network requests.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zavio | Cf7500 Firmware | m2.1.6.05 |
| Zavio | Cf7500 | - |
| Zavio | Cf7300 Firmware | m2.1.6.05 |
| Zavio | Cf7300 | - |
| Zavio | Cf7201 Firmware | m2.1.6.05 |
| Zavio | Cf7201 | - |
| Zavio | Cf7501 Firmware | m2.1.6.05 |
| Zavio | Cf7501 | - |
| Zavio | Cb3211 Firmware | m2.1.6.05 |
| Zavio | Cb3211 | - |
| Zavio | Cb3212 Firmware | m2.1.6.05 |
| Zavio | Cb3212 | - |
| Zavio | Cb5220 Firmware | m2.1.6.05 |
| Zavio | Cb5220 | - |
| Zavio | Cb6231 Firmware | m2.1.6.05 |
| Zavio | Cb6231 | - |
| Zavio | B8520 Firmware | m2.1.6.05 |
| Zavio | B8520 | - |
| Zavio | B8220 Firmware | m2.1.6.05 |
| Zavio | B8220 | - |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03Third Party AdvisoryUS Government Resource
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2023-4249?
CVE-2023-4249 is a vulnerability with a CVSS score of 8.8 (HIGH). Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command injection vulnerability in their implementa...
How severe is CVE-2023-4249?
CVE-2023-4249 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-4249?
Check the references section above for vendor advisories and patch information. Affected products include: Zavio Cf7500 Firmware, Zavio Cf7500, Zavio Cf7300 Firmware, Zavio Cf7300, Zavio Cf7201 Firmware.