First published: Fri Apr 28 2023(Updated: )
This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to improper authorization at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http requests on the targeted device. Successful exploitation of this vulnerability could allow remote attacker to perform unauthorized activities on the targeted device.
Credit: vdisclose@cert-in.org.in
Affected Software | Affected Version | How to fix |
---|---|---|
Milesight ms-n5008-uc firmware | <73.9.0.18-r2 | |
Milesight ms-n5008-uc firmware | ||
Milesight ms-n1008-unc firmware | <73.9.0.18-r2 | |
Milesight ms-n1008-unc firmware | ||
Milesight MS-N1008-UC Firmware | <73.9.0.18-r2 | |
Milesight ms-n1008-uc firmware | ||
Milesight MS-N1004-UC | <73.9.0.18-r2 | |
Milesight MS-N1004-UC Firmware | ||
Milesight MS-N5016-E Firmware | <75.9.0.18-r2 | |
Milesight ms-n5016-e firmware | ||
Milesight MS-N5008-E | <75.9.0.18-r2 | |
Milesight ms-n5008-e firmware | ||
Milesight ms-n7016-uh firmware | <71.9.0.18-r2 | |
Milesight ms-n7016-uh firmware | ||
Milesight ms-n7032-uh firmware | <71.9.0.18-r2 | |
Milesight ms-n7032-uh firmware | ||
Milesight ms-n8064-uh firmware | <71.9.0.18-r2 | |
Milesight ms-n8064-uh firmware | ||
Milesight MS-N8032-UH Firmware | <71.9.0.18-r2 | |
Milesight ms-n8032-uh firmware | ||
Milesight MS-N1004-UC | <73.9.0.18-r2 | |
Milesight MS-N1004-UC | ||
Milesight MS-N1008 UPC | <73.9.0.18-r2 | |
Milesight MS-N1008 UPC | ||
Milesight MS-N1008-UNPC | <73.9.0.18-r2 | |
Milesight MS-N1008-UNPC | ||
Milesight ms-n5008-upc firmware | <73.9.0.18-r2 | |
Milesight ms-n5008-upc firmware | ||
Milesight MS-N5016-PE | <75.9.0.18-r2 | |
Milesight MS-N5016-PE | ||
Milesight MS-N5008-PE | <75.9.0.18-r2 | |
Milesight MS-N5008-PE Firmware | ||
Milesight ms-n7016-uph firmware | <71.9.0.18-r2 | |
Milesight ms-n7016-uph firmware | ||
Milesight ms-n7032-uph | <71.9.0.18-r2 | |
Milesight MS-N7032-UPH | ||
Milesight ms-n7048-uph firmware | <71.9.0.18-r2 | |
Milesight ms-n7048-uph firmware | ||
Milesight MS-Nxxxx-xxG firmware | <77.9.0.18-r2 | |
Milesight MS-Nxxxx Firmware | <72.9.0.18-r2 |
Update Milesight NVR firmware to latest version https://www.milesight.com/support/download/firmware https://www.milesight.com/support/download/firmware
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-30467 is a vulnerability that exists in Milesight 4K/H.265 Series NVR models due to improper authorization at the Milesight NVR web-based management interface.
The severity of CVE-2023-30467 is critical with a CVSS score of 9.8.
CVE-2023-30467 affects Milesight 4K/H.265 Series NVR models by allowing remote attackers to exploit the vulnerability through the web-based management interface.
CVE-2023-30467 affects Milesight 4K/H.265 Series NVR models with firmware versions up to and including 77.9.0.18-r2.
You can find more information about CVE-2023-30467 at the CERT-IN website.