CVE-2023-30466

Summary

This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to a weak password reset mechanism at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http requests on the targeted device.

Successful exploitation of this vulnerability could allow remote attacker to account takeover on the targeted device.

Affected Software

VendorProductVersion RangeStatus
MilesightNVR MS-Nxxxx-xxG77.X < 77.9.0.18-r2affected
MilesightNVR MS-Nxxxx-xxE75.X < 75.9.0.18-r2affected
MilesightNVR MS-Nxxxx-xxT72.X < 72.9.0.18-r2affected
MilesightNVR MS-Nxxxx-xxH71.X < 71.9.0.18-r2affected
MilesightNVR MS-Nxxxx-xxC73.X < 73.9.0.18-r2affected

Weaknesses

  • CWE-640: CWE-640 Weak Password Recovery Mechanism for Forgotten Password

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References