1. Home
  2. CVE Database
  3. CVE-2023-47213
CRITICAL · 9.8

CVE-2023-47213

First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are p...

Vulnerability Description

First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB, MD-404AB, and MD-808AB. As for the other products, apply the workaround.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
C-FirstCfr-1004Ea Firmware-
C-FirstCfr-1004Ea-
C-FirstCfr-1008Ea Firmware-
C-FirstCfr-1008Ea-
C-FirstCfr-1016Ea Firmware-
C-FirstCfr-1016Ea-
C-FirstCfr-16Eaa Firmware-
C-FirstCfr-16Eaa-
C-FirstCfr-16Eab Firmware-
C-FirstCfr-16Eab-
C-FirstCfr-16Eha Firmware-
C-FirstCfr-16Eha-
C-FirstCfr-16Ehd Firmware-
C-FirstCfr-16Ehd-
C-FirstCfr-4Eaa Firmware-
C-FirstCfr-4Eaa-
C-FirstCfr-4Eaam Firmware-
C-FirstCfr-4Eaam-
C-FirstCfr-4Eab Firmware-
C-FirstCfr-4Eab-

Related Weaknesses (CWE)

CWE-798

References

FAQ

What is CVE-2023-47213?

CVE-2023-47213 is a vulnerability with a CVSS score of 9.8 (CRITICAL). First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are p...

How severe is CVE-2023-47213?

CVE-2023-47213 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2023-47213?

Check the references section above for vendor advisories and patch information. Affected products include: C-First Cfr-1004Ea Firmware, C-First Cfr-1004Ea, C-First Cfr-1008Ea Firmware, C-First Cfr-1008Ea, C-First Cfr-1016Ea Firmware.