Authentication Bypass Vulnerability in Milesight Network Video Recorder (NVR)
CVE-2023-30466

9.8CRITICAL

Key Information:

Vendor: Milesight
Status: Nvr Ms-nxxxx-xxg; Nvr Ms-nxxxx-xxe; Nvr Ms-nxxxx-xxt; Nvr Ms-nxxxx-xxh
Vendor: CVE Published:; 28 April 2023

What is CVE-2023-30466?

A flaw has been identified in the Milesight 4K/H.265 Series NVR models, specifically related to a weak password reset mechanism available through the web-based management interface. This vulnerability allows remote attackers to exploit the weakness by sending crafted HTTP requests, potentially leading to unauthorized account access. Organizations utilizing these models should assess their exposure and implement necessary security measures to mitigate risk.

Affected Version(s)

NVR MS-Nxxxx-xxC 73.X < 73.9.0.18-r2

NVR MS-Nxxxx-xxE 75.X < 75.9.0.18-r2

NVR MS-Nxxxx-xxG 77.X < 77.9.0.18-r2

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOT...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 28, 2023
Vulnerability Reserved
Apr 10, 2023

Credit

This vulnerability is reported by Souvik Kandar and Arko Dhar from Redinent Innovations Engineering & Research Team, Karnataka, India.

CVE-2023-30466 Data

JSON