Filtered by vendor C-first Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-47674 1 C-first 56 Cfr-1004ea, Cfr-1004ea Firmware, Cfr-1008ea and 53 more 2024-11-21 9.8 Critical
Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB, MD-404AB, and MD-808AB. As for the other products, apply the workaround.
CVE-2023-47213 1 C-first 56 Cfr-1004ea, Cfr-1004ea Firmware, Cfr-1008ea and 53 more 2024-11-21 9.8 Critical
First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB, MD-404AB, and MD-808AB. As for the other products, apply the workaround.