CVE-2023-23575

Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker to bypass access restriction and access Network Maintenance page, which may result in obtaining the network information of the product. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131).
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:contec:cps-mg341-adsc1-111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mg341-adsc1-111:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:contec:cps-mg341-adsc1-931_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mg341-adsc1-931:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:contec:cps-mg341g-adsc1-111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mg341g-adsc1-111:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:contec:cps-mg341g-adsc1-930_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mg341g-adsc1-930:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:contec:cps-mg341g5-adsc1-931_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mg341g5-adsc1-931:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:contec:cps-mc341-adsc1-111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mc341-adsc1-111:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:contec:cps-mc341-adsc1-931_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mc341-adsc1-931:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:contec:cps-mc341-adsc2-111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mc341-adsc2-111:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:contec:cps-mc341g-adsc1-110_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mc341g-adsc1-110:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:contec:cps-mc341q-adsc1-111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mc341q-adsc1-111:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:contec:cps-mc341-ds1-111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mc341-ds1-111:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:contec:cps-mc341-ds11-111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mc341-ds11-111:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:contec:cps-mc341-ds2-911_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mc341-ds2-911:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:contec:cps-mc341-a1-111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mc341-a1-111:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:contec:cps-mcs341-ds1-111_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mcs341-ds1-111:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:contec:cps-mcs341-ds1-131_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mcs341-ds1-131:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:contec:cps-mcs341g-ds1-130_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mcs341g-ds1-130:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:contec:cps-mcs341g5-ds1-130_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mcs341g5-ds1-130:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:contec:cps-mcs341q-ds1-131_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:contec:cps-mcs341q-ds1-131:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:46

Type Values Removed Values Added
References () https://jvn.jp/en/vu/JVNVU96198617/ - Third Party Advisory () https://jvn.jp/en/vu/JVNVU96198617/ - Third Party Advisory
References () https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf - Mitigation, Vendor Advisory () https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf - Mitigation, Vendor Advisory
References () https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware - Product () https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware - Product
References () https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware - Product () https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware - Product
References () https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware - Product () https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware - Product

Information

Published : 2023-04-11 09:15

Updated : 2024-11-21 07:46


NVD link : CVE-2023-23575

Mitre link : CVE-2023-23575

CVE.ORG link : CVE-2023-23575


JSON object : View

Products Affected

contec

  • cps-mg341g-adsc1-930
  • cps-mc341-ds1-111
  • cps-mcs341g5-ds1-130
  • cps-mg341-adsc1-111
  • cps-mc341-a1-111
  • cps-mcs341q-ds1-131
  • cps-mc341q-adsc1-111
  • cps-mc341-ds11-111_firmware
  • cps-mc341-ds2-911
  • cps-mg341-adsc1-931
  • cps-mg341g5-adsc1-931
  • cps-mc341-adsc2-111_firmware
  • cps-mc341-ds11-111
  • cps-mcs341g-ds1-130_firmware
  • cps-mcs341-ds1-131
  • cps-mcs341-ds1-131_firmware
  • cps-mg341-adsc1-111_firmware
  • cps-mc341-ds2-911_firmware
  • cps-mc341g-adsc1-110
  • cps-mg341g-adsc1-111_firmware
  • cps-mcs341q-ds1-131_firmware
  • cps-mg341g5-adsc1-931_firmware
  • cps-mc341g-adsc1-110_firmware
  • cps-mg341g-adsc1-111
  • cps-mg341-adsc1-931_firmware
  • cps-mc341-ds1-111_firmware
  • cps-mcs341g5-ds1-130_firmware
  • cps-mc341-adsc1-111_firmware
  • cps-mcs341-ds1-111
  • cps-mg341g-adsc1-930_firmware
  • cps-mc341-adsc1-111
  • cps-mc341-a1-111_firmware
  • cps-mcs341-ds1-111_firmware
  • cps-mc341-adsc1-931
  • cps-mc341-adsc1-931_firmware
  • cps-mcs341g-ds1-130
  • cps-mc341-adsc2-111
  • cps-mc341q-adsc1-111_firmware