CVE-2023-40158

Hidden functionality vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versions, see the detailed information provided by the vendor. Note that NR4H, NR8H, NR16H series and DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series are no longer supported, therefore updates for those products are not provided.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cbc:nr4h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr4h:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:cbc:nr8h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr8h:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:cbc:nr16h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr16h:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:cbc:dr-16f42a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-16f42a:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:cbc:dr-16f45at_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-16f45at:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:cbc:dr-8f42a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-8f42a:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:cbc:dr-8f45at_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-8f45at:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:cbc:dr-4fx1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-4fx1:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:cbc:dr-16h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-16h:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:cbc:dr-8h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-8h:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:cbc:dr-4h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-4h:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:cbc:drh8-4m41-a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:drh8-4m41-a:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:cbc:nr8-4m71_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr8-4m71:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:cbc:nr8-8m72_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr8-8m72:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:cbc:nr-16m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr-16m:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:cbc:nr-16f85-8pra_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr-16f85-8pra:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:cbc:nr-16f82-16p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr-16f82-16p:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:cbc:nr-4f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr-4f:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:cbc:nr-8f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr-8f:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:cbc:dr-16m52_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-16m52:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:cbc:dr-16m52-av_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-16m52-av:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:cbc:dr-8m52-av_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-8m52-av:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:cbc:dr-4m51-av_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-4m51-av:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:18

Type Values Removed Values Added
References () https://download.ganzsecurity.pl/ - Product () https://download.ganzsecurity.pl/ - Product
References () https://ganzsecurity.com/release/1578/digimasterpixelmaster-security-notice - Vendor Advisory () https://ganzsecurity.com/release/1578/digimasterpixelmaster-security-notice - Vendor Advisory
References () https://jvn.jp/en/vu/JVNVU92545432/ - Third Party Advisory () https://jvn.jp/en/vu/JVNVU92545432/ - Third Party Advisory

11 Oct 2024, 22:35

Type Values Removed Values Added
CWE CWE-912

29 Aug 2023, 14:35

Type Values Removed Values Added
References (MISC) https://ganzsecurity.com/release/1578/digimasterpixelmaster-security-notice - (MISC) https://ganzsecurity.com/release/1578/digimasterpixelmaster-security-notice - Vendor Advisory
References (MISC) https://jvn.jp/en/vu/JVNVU92545432/ - (MISC) https://jvn.jp/en/vu/JVNVU92545432/ - Third Party Advisory
References (MISC) https://download.ganzsecurity.pl/ - (MISC) https://download.ganzsecurity.pl/ - Product
CWE NVD-CWE-Other
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8
CPE cpe:2.3:h:cbc:dr-16f42a:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr-8f:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-4fx1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-16m52-av_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-16m52-av:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-8f45at_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-8f42a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-16m52:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:drh8-4m41-a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-16h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-8f42a:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr-16m:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-8m52-av:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:nr-16m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-4h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr4h:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-4fx1:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-4h:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr-16f85-8pra:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:nr8-4m71_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:nr16h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr-16f82-16p:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-16h:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-4m51-av_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:nr-16f85-8pra_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:nr-8f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-16f42a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-4m51-av:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr8-4m71:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:drh8-4m41-a:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-16m52_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr8-8m72:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:nr4h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-8h:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-16f45at:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:dr-8f45at:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:nr-16f82-16p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:nr8-8m72_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr16h:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:nr-4f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-16f45at_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:nr8h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-8h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr-4f:-:*:*:*:*:*:*:*
cpe:2.3:h:cbc:nr8h:-:*:*:*:*:*:*:*
cpe:2.3:o:cbc:dr-8m52-av_firmware:-:*:*:*:*:*:*:*
First Time Cbc nr-8f
Cbc dr-8f45at
Cbc nr8-4m71 Firmware
Cbc dr-16m52-av
Cbc dr-8h
Cbc nr-16f82-16p
Cbc nr8h Firmware
Cbc dr-4m51-av
Cbc dr-16m52
Cbc nr16h
Cbc dr-16f45at
Cbc nr8h
Cbc dr-8f42a Firmware
Cbc
Cbc dr-16f45at Firmware
Cbc dr-4fx1
Cbc nr16h Firmware
Cbc dr-16h Firmware
Cbc nr8-4m71
Cbc nr-4f Firmware
Cbc dr-8f42a
Cbc nr4h
Cbc dr-16m52 Firmware
Cbc nr-16m
Cbc dr-16f42a
Cbc dr-8h Firmware
Cbc dr-4h Firmware
Cbc nr8-8m72 Firmware
Cbc dr-16h
Cbc nr-16f82-16p Firmware
Cbc nr-4f
Cbc nr-8f Firmware
Cbc nr4h Firmware
Cbc dr-4m51-av Firmware
Cbc dr-4h
Cbc dr-8m52-av Firmware
Cbc nr-16f85-8pra
Cbc nr-16m Firmware
Cbc dr-16m52-av Firmware
Cbc dr-4fx1 Firmware
Cbc drh8-4m41-a
Cbc nr-16f85-8pra Firmware
Cbc nr8-8m72
Cbc dr-8f45at Firmware
Cbc dr-8m52-av
Cbc drh8-4m41-a Firmware
Cbc dr-16f42a Firmware

23 Aug 2023, 03:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-23 03:15

Updated : 2024-11-21 08:18


NVD link : CVE-2023-40158

Mitre link : CVE-2023-40158

CVE.ORG link : CVE-2023-40158


JSON object : View

Products Affected

cbc

  • dr-16f42a
  • nr-8f_firmware
  • dr-16h
  • nr-4f
  • nr-16m
  • dr-8m52-av
  • dr-8f45at
  • dr-16m52-av_firmware
  • nr8h
  • nr-4f_firmware
  • dr-4m51-av_firmware
  • drh8-4m41-a_firmware
  • dr-4fx1_firmware
  • dr-4h_firmware
  • dr-8f45at_firmware
  • nr16h
  • dr-16f42a_firmware
  • dr-4h
  • nr16h_firmware
  • dr-8f42a_firmware
  • dr-8h
  • drh8-4m41-a
  • dr-4fx1
  • nr-16f85-8pra
  • dr-16m52_firmware
  • nr-8f
  • nr-16m_firmware
  • dr-16f45at
  • dr-8f42a
  • nr8-8m72
  • dr-16m52-av
  • dr-16f45at_firmware
  • dr-16h_firmware
  • dr-8h_firmware
  • nr8-4m71
  • nr4h_firmware
  • nr-16f85-8pra_firmware
  • nr8-8m72_firmware
  • dr-16m52
  • nr4h
  • dr-4m51-av
  • nr8h_firmware
  • nr8-4m71_firmware
  • nr-16f82-16p_firmware
  • nr-16f82-16p
  • dr-8m52-av_firmware
CWE
NVD-CWE-Other CWE-912

Hidden Functionality