CVE-2023-38585

Summary

CVE	CVE-2023-38585
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-08-23 03:15:00 UTC
Updated	2023-08-29 14:36:00 UTC
Description	Improper authentication vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versions, see the detailed information provided by the vendor. Note that NR4H, NR8H, NR16H series and DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series are no longer supported, therefore updates for those products are not provided.

Risk And Classification

Problem Types: CWE-287

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Cbc	Dr-16f42a	-	All	All	All
Operating System	Cbc	Dr-16f42a Firmware	-	All	All	All
Hardware	Cbc	Dr-16f45at	-	All	All	All
Operating System	Cbc	Dr-16f45at Firmware	-	All	All	All
Hardware	Cbc	Dr-16h	-	All	All	All
Operating System	Cbc	Dr-16h Firmware	-	All	All	All
Hardware	Cbc	Dr-16m52	-	All	All	All
Hardware	Cbc	Dr-16m52-av	-	All	All	All
Operating System	Cbc	Dr-16m52-av Firmware	-	All	All	All
Operating System	Cbc	Dr-16m52 Firmware	-	All	All	All
Hardware	Cbc	Dr-4fx1	-	All	All	All
Operating System	Cbc	Dr-4fx1 Firmware	-	All	All	All
Hardware	Cbc	Dr-4h	-	All	All	All
Operating System	Cbc	Dr-4h Firmware	-	All	All	All
Hardware	Cbc	Dr-4m51-av	-	All	All	All
Operating System	Cbc	Dr-4m51-av Firmware	-	All	All	All
Hardware	Cbc	Dr-8f42a	-	All	All	All
Operating System	Cbc	Dr-8f42a Firmware	-	All	All	All
Hardware	Cbc	Dr-8f45at	-	All	All	All
Operating System	Cbc	Dr-8f45at Firmware	-	All	All	All
Hardware	Cbc	Dr-8h	-	All	All	All
Operating System	Cbc	Dr-8h Firmware	-	All	All	All
Hardware	Cbc	Dr-8m52-av	-	All	All	All
Operating System	Cbc	Dr-8m52-av Firmware	-	All	All	All
Hardware	Cbc	Drh8-4m41-a	-	All	All	All
Operating System	Cbc	Drh8-4m41-a Firmware	-	All	All	All
Hardware	Cbc	Nr-16f82-16p	-	All	All	All
Operating System	Cbc	Nr-16f82-16p Firmware	-	All	All	All
Hardware	Cbc	Nr-16f85-8pra	-	All	All	All
Operating System	Cbc	Nr-16f85-8pra Firmware	-	All	All	All
Hardware	Cbc	Nr-16m	-	All	All	All
Operating System	Cbc	Nr-16m Firmware	-	All	All	All
Hardware	Cbc	Nr-4f	-	All	All	All
Operating System	Cbc	Nr-4f Firmware	-	All	All	All
Hardware	Cbc	Nr-8f	-	All	All	All
Operating System	Cbc	Nr-8f Firmware	-	All	All	All
Hardware	Cbc	Nr16h	-	All	All	All
Operating System	Cbc	Nr16h Firmware	-	All	All	All
Hardware	Cbc	Nr4h	-	All	All	All
Operating System	Cbc	Nr4h Firmware	-	All	All	All
Hardware	Cbc	Nr8-4m71	-	All	All	All
Operating System	Cbc	Nr8-4m71 Firmware	-	All	All	All
Hardware	Cbc	Nr8-8m72	-	All	All	All
Operating System	Cbc	Nr8-8m72 Firmware	-	All	All	All
Hardware	Cbc	Nr8h	-	All	All	All
Operating System	Cbc	Nr8h Firmware	-	All	All	All

References

Reference	Source	Link	Tags
GANZ™ by CBC - Download Portal - [http://download.ganzsecurity.pl/]	MISC	download.ganzsecurity.pl
JVNVU#92545432: Multiple vulnerabilities in CBC digital video recorders	MISC	jvn.jp
DigiMaster/PixelMaster Security Notice: News Releases - Ganz Security	MISC	ganzsecurity.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.