CVE-2023-3704

{"id": "CVE-2023-3704", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "vdisclose@cert-in.org.in", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2023-08-24T07:15:11.670", "references": [{"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0240", "tags": ["Vendor Advisory"], "source": "vdisclose@cert-in.org.in"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.\n\nSuccessful exploitation of this vulnerability could allow the remote attacker to change system time of the targeted device.\n"}], "lastModified": "2023-09-01T17:12:08.027", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cpplusworld:cp-uvr-1601e1-hc_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F50BFF3B-3529-46A3-B929-CACB95B006E7", "versionEndExcluding": "4.000.00at008.0.0.r20230302"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cpplusworld:cp-uvr-1601e1-hc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "84A45779-48D1-4595-A197-6CBB7EEC6121"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cpplusworld:cp-uvr-0401l1-4kh_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C056636C-386E-441F-9674-AD952512B2DB", "versionEndExcluding": "4.000.00at008.0.0.r20230302"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cpplusworld:cp-uvr-0401l1-4kh:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2A3D4B69-934D-42D0-BA62-E9E0EDC44F2E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cpplusworld:cp-uvr-0401l1b-4kh_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B953B765-2340-4932-96E5-FD325046B16E", "versionEndExcluding": "4.000.00at008.0.0.r20230302"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cpplusworld:cp-uvr-0401l1b-4kh:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6838A98D-2C8F-4184-AB97-C332E63B8467"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cpplusworld:cp-uvr-0801f1-hc_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C2699B2-0EF7-4F71-867B-A606BC81E629", "versionEndExcluding": "4.000.00at008.0.0.r20230302"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cpplusworld:cp-uvr-0801f1-hc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5F3E8529-C7EC-49A6-8956-3DDA9EB0A311"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cpplusworld:cp-uvr-0801k1-h_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "471365C3-84D0-4B8B-84A5-36BDE78CDA2A", "versionEndExcluding": "4.000.00at008.0.0.r20230302"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cpplusworld:cp-uvr-0801k1-h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AB06A051-0017-4D7C-B0AB-8D549A534062"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cpplusworld:cp-uvr-0801k1b-h_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B61D25A0-8FE8-4F5D-A15E-97F27DC24D4F", "versionEndExcluding": "4.000.00at008.0.0.r20230302"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cpplusworld:cp-uvr-0801k1b-h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1CF0A8A0-84F9-411A-AC0F-4B8B4B804CF9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cpplusworld:cp-uvr-0808k1-h_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "424EFCC3-244B-46A2-B229-DA8D0CC5B899", "versionEndExcluding": "4.000.00at008.0.0.r20230302"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cpplusworld:cp-uvr-0808k1-h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "79D02BBE-2CE9-4408-A2AD-D4968F56F445"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cpplusworld:cp-uvr-1601e1-h_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54C23340-21A7-4E6C-BEF0-FABB766DCA58", "versionEndExcluding": "4.000.00at008.0.0.r20230302"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cpplusworld:cp-uvr-1601e1-h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6535FC29-B508-4811-9BFB-513DBE17F01E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cpplusworld:cp-uvr-1601e2-h_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "176C02FF-444E-4170-844F-33BEAD0575DB", "versionEndExcluding": "4.000.00at008.0.0.r20230302"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cpplusworld:cp-uvr-1601e2-h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5FFC9164-EBE3-42CE-B3A3-D45FF042A5F6"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "vdisclose@cert-in.org.in"}