CVE-2023-30467 (GCVE-0-2023-30467)

Vulnerability from cvelistv5 – Published: 2023-04-28 10:12 – Updated: 2025-01-30 17:13
Title
Improper Authorization Vulnerability in Milesight Network Video Recorder (NVR)
Summary
This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC) due to improper authorization in the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the targeted device. Successful exploitation could allow a remote attacker to perform unauthorized activities on the targeted device.
CWE
CWE-285 Improper Authorization
Assigner
CERT-In
Impacted products
Vendor: Milesight; Product: NVR MS-Nxxxx-xxG; Version: Affected: 77.X, < 77.9.0.18-r2 (custom)
Vendor: Milesight; Product: NVR MS-Nxxxx-xxE; Version: Affected: 75.X, < 75.9.0.18-r2 (custom)
Vendor: Milesight; Product: NVR MS-Nxxxx-xxT; Version: Affected: 72.X, < 72.9.0.18-r2 (custom)
Vendor: Milesight; Product: NVR MS-Nxxxx-xxH; Version: Affected: 71.X, < 71.9.0.18-r2 (custom)
Vendor: Milesight; Product: NVR MS-Nxxxx-xxC; Version: Affected: 73.X, < 73.9.0.18-r2 (custom)
Credits
This vulnerability is reported by Souvik Kandar and Arko Dhar from Redinent Innovations Engineering & Research Team, Karnataka, India.

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:28:50.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0121"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-30467",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-30T17:13:42.759241Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-30T17:13:53.409Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "NVR MS-Nxxxx-xxG",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThan": "77.9.0.18-r2",
              "status": "affected",
              "version": "77.X",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "NVR MS-Nxxxx-xxE",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThan": "75.9.0.18-r2",
              "status": "affected",
              "version": "75.X",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "NVR MS-Nxxxx-xxT",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThan": "72.9.0.18-r2",
              "status": "affected",
              "version": "72.X",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "NVR MS-Nxxxx-xxH ",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThan": "71.9.0.18-r2",
              "status": "affected",
              "version": "71.X",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "NVR MS-Nxxxx-xxC",
          "vendor": "Milesight",
          "versions": [
            {
              "lessThan": "73.9.0.18-r2",
              "status": "affected",
              "version": "73.X",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "This vulnerability is reported by Souvik Kandar and Arko Dhar from Redinent Innovations Engineering \u0026 Research Team, Karnataka, India."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to improper authorization at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http requests on the targeted device.\u003cbr\u003e\u003cbr\u003eSuccessful exploitation of this vulnerability could allow remote attacker to perform unauthorized activities on the targeted device.\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003cb\u003e\u003c/b\u003e\u003c/p\u003e\n\n\n\n\n\n\u003cb\u003e\u003c/b\u003e\u003cb\u003e\u003c/b\u003e"
            }
          ],
          "value": "This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to improper authorization at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http requests on the targeted device.\n\nSuccessful exploitation of this vulnerability could allow remote attacker to perform unauthorized activities on the targeted device.\n\n\n\n\n\n\n\n\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285 Improper Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-28T10:12:11.694Z",
        "orgId": "66834db9-ab24-42b4-be80-296b2e40335c",
        "shortName": "CERT-In"
      },
      "references": [
        {
          "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0121"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate\nMilesight NVR firmware to latest version \u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.milesight.com/support/download/firmware\"\u003ehttps://www.milesight.com/support/download/firmware\u003c/a\u003e\u003c/p\u003e\n\n\n\n\n\n\n\n\u003cbr\u003e"
            }
          ],
          "value": "Update\nMilesight NVR firmware to latest version \u00a0\n\n https://www.milesight.com/support/download/firmware https://www.milesight.com/support/download/firmware \n\n\n\n\n\n\n\n\n\n\n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Improper Authorization Vulnerability in Milesight Network Video Recorder (NVR)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c",
    "assignerShortName": "CERT-In",
    "cveId": "CVE-2023-30467",
    "datePublished": "2023-04-28T10:12:11.694Z",
    "dateReserved": "2023-04-10T10:20:17.201Z",
    "dateUpdated": "2025-01-30T17:13:53.409Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

