First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB, MD-404AB, and MD-808AB. As for the other products, apply the workaround.

Project Subscriptions

Vendors Products
C-first Subscribe
Cfr-1004ea Subscribe
Cfr-1004ea Firmware Subscribe
Cfr-1008ea Subscribe
Cfr-1008ea Firmware Subscribe
Cfr-1016ea Subscribe
Cfr-1016ea Firmware Subscribe
Cfr-16eaa Subscribe
Cfr-16eaa Firmware Subscribe
Cfr-16eab Subscribe
Cfr-16eab Firmware Subscribe
Cfr-16eha Subscribe
Cfr-16eha Firmware Subscribe
Cfr-16ehd Subscribe
Cfr-16ehd Firmware Subscribe
Cfr-4eaa Subscribe
Cfr-4eaa Firmware Subscribe
Cfr-4eaam Subscribe
Cfr-4eaam Firmware Subscribe
Cfr-4eab Subscribe
Cfr-4eab Firmware Subscribe
Cfr-4eabc Subscribe
Cfr-4eabc Firmware Subscribe
Cfr-4eha Subscribe
Cfr-4eha Firmware Subscribe
Cfr-4ehd Subscribe
Cfr-4ehd Firmware Subscribe
Cfr-8eaa Subscribe
Cfr-8eaa Firmware Subscribe
Cfr-8eab Subscribe
Cfr-8eab Firmware Subscribe
Cfr-8eha Subscribe
Cfr-8eha Firmware Subscribe
Cfr-8ehd Subscribe
Cfr-8ehd Firmware Subscribe
Cfr-904e Subscribe
Cfr-904e Firmware Subscribe
Cfr-908e Subscribe
Cfr-908e Firmware Subscribe
Cfr-916e Subscribe
Cfr-916e Firmware Subscribe
Md-404aa Subscribe
Md-404aa Firmware Subscribe
Md-404ab Subscribe
Md-404ab Firmware Subscribe
Md-404ha Subscribe
Md-404ha Firmware Subscribe
Md-404hd Subscribe
Md-404hd Firmware Subscribe
Md-808aa Subscribe
Md-808aa Firmware Subscribe
Md-808ab Subscribe
Md-808ab Firmware Subscribe
Md-808ha Subscribe
Md-808ha Firmware Subscribe
Md-808hd Subscribe
Md-808hd Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2023-51345 First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB, MD-404AB, and MD-808AB. As for the other products, apply the workaround.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 21 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2024-10-21T14:27:58.805Z

Reserved: 2023-11-15T01:42:55.281Z

Link: CVE-2023-47213

cve-icon Vulnrichment

Updated: 2024-08-02T21:01:22.825Z

cve-icon NVD

Status : Modified

Published: 2023-11-16T08:15:32.840

Modified: 2024-11-21T08:29:58.057

Link: CVE-2023-47213

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses