CVE-2023-6919

Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal.This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.usom.gov.tr/bildirim/tr-24-0054	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:biges:vg-4c1a-lru_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:biges:vg-4c1a-lru:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:biges:vg-4c1a-lrpu_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:biges:vg-4c1a-lrpu:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:biges:vg-255a-bf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:biges:vg-255a-bf:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:biges:vg-255-bv_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:biges:vg-255-bv:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:biges:vg-255-df_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:biges:vg-255-df:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:biges:vg-64c8rd-nvr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:biges:vg-64c8rd-nvr:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:biges:vg-4c1e-nvr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:biges:vg-4c1e-nvr:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:biges:vg-8c1e-nvr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:biges:vg-8c1e-nvr:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:biges:vg-8c1a-lrpu_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:biges:vg-8c1a-lrpu:-:*:*:*:*:*:*:*

History

01 Feb 2024, 19:43

Type	Values Removed	Values Added
First Time		Biges vg-4c1a-lrpu Firmware Biges vg-4c1e-nvr Biges vg-255-df Firmware Biges Biges vg-4c1a-lrpu Biges vg-4c1e-nvr Firmware Biges vg-255-bv Firmware Biges vg-8c1a-lrpu Biges vg-8c1e-nvr Firmware Biges vg-4c1a-lru Biges vg-255a-bf Biges vg-64c8rd-nvr Firmware Biges vg-64c8rd-nvr Biges vg-255-bv Biges vg-255a-bf Firmware Biges vg-255-df Biges vg-8c1a-lrpu Firmware Biges vg-8c1e-nvr Biges vg-4c1a-lru Firmware
References	~~() https://www.usom.gov.tr/bildirim/tr-24-0054 -~~	() https://www.usom.gov.tr/bildirim/tr-24-0054 - Third Party Advisory
CPE		cpe:2.3:o:biges:vg-255-df_firmware:::::::: cpe:2.3:h:biges:vg-4c1a-lrpu:-:::::::* cpe:2.3:h:biges:vg-255-bv:-:::::::* cpe:2.3:o:biges:vg-8c1a-lrpu_firmware:::::::: cpe:2.3:o:biges:vg-8c1e-nvr_firmware:::::::: cpe:2.3:o:biges:vg-255-bv_firmware:::::::: cpe:2.3:h:biges:vg-4c1e-nvr:-:::::::* cpe:2.3:h:biges:vg-8c1e-nvr:-:::::::* cpe:2.3:o:biges:vg-4c1e-nvr_firmware:::::::: cpe:2.3:o:biges:vg-255a-bf_firmware:::::::: cpe:2.3:o:biges:vg-64c8rd-nvr_firmware:::::::: cpe:2.3:h:biges:vg-8c1a-lrpu:-:::::::* cpe:2.3:h:biges:vg-4c1a-lru:-:::::::* cpe:2.3:o:biges:vg-4c1a-lrpu_firmware:::::::: cpe:2.3:h:biges:vg-64c8rd-nvr:-:::::::* cpe:2.3:o:biges:vg-4c1a-lru_firmware:::::::: cpe:2.3:h:biges:vg-255-df:-:::::::* cpe:2.3:h:biges:vg-255a-bf:-:::::::*

26 Jan 2024, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-01-26 08:15

Updated : 2024-02-28 20:54

NVD link : CVE-2023-6919

Mitre link : CVE-2023-6919

CVE.ORG link : CVE-2023-6919

JSON object : View

Products Affected

biges

vg-4c1a-lrpu
vg-255-bv_firmware
vg-255-df_firmware
vg-8c1a-lrpu_firmware
vg-4c1e-nvr_firmware
vg-255a-bf
vg-8c1e-nvr_firmware
vg-255-df
vg-4c1a-lru
vg-4c1a-lru_firmware
vg-64c8rd-nvr
vg-255a-bf_firmware
vg-64c8rd-nvr_firmware
vg-8c1a-lrpu
vg-4c1a-lrpu_firmware
vg-4c1e-nvr
vg-255-bv
vg-8c1e-nvr

CWE

CWE-25

Path Traversal: '/../filedir'

7.5 /10