PT-2023-21317 · Blackvue · Blackvue Dr750-2Ch Lte

Eyjhb

Published

2023-04-13

Updated

2023-04-25

CVE-2023-27747

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions BlackVue DR750-2CH LTE version 1.012 2022.10.26

Description The issue concerns the lack of authentication in the web server, allowing attackers to access sensitive information such as configurations and recordings.

Recommendations For BlackVue DR750-2CH LTE version 1.012 2022.10.26, consider restricting access to the web server as a temporary workaround until a patch is available.

Exploit

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2023-27747

Affected Products

Blackvue Dr750-2Ch Lte

PT-2023-21317 · Blackvue · Blackvue Dr750-2Ch Lte

CVE-2023-27747

Weakness Enumeration

Related Identifiers

Affected Products

References · 7