CVE-2023-40144
N/A
N/A
Summary
OS command injection vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versions, see the detailed information provided by the vendor. Note that NR4H, NR8H, NR16H series and DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series are no longer supported, therefore updates for those products are not provided.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| CBC Co.,Ltd. | NR4H, NR8H, NR16H series | firmware all versions | affected |
| CBC Co.,Ltd. | DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series | firmware all versions | affected |
| CBC Co.,Ltd. | NR-4M, NR-8M, NR-16M series | firmware all versions | affected |
| CBC Co.,Ltd. | NR-4F, NR-8F, NR-16F series | firmware all versions | affected |
| CBC Co.,Ltd. | DR-16M, DR-8M, DR-4M51 series | firmware all versions | affected |
Weaknesses
- OS command injection
ADP Enrichment
CVE Program Container
Additional References
- https://download.ganzsecurity.pl/
- https://ganzsecurity.com/release/1578/digimasterpixelmaster-security-notice
- https://jvn.jp/en/vu/JVNVU92545432/
References
- https://download.ganzsecurity.pl/
- https://ganzsecurity.com/release/1578/digimasterpixelmaster-security-notice
- https://jvn.jp/en/vu/JVNVU92545432/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.