CVE-2023-3705

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions CP-Plus NVR (affected versions not specified)

Description The issue exists due to improper input handling at the web-based management interface of the affected product. An unauthenticated remote attacker could exploit this by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation could allow the remote attacker to obtain sensitive information on the targeted device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-200

Related Identifiers

CVE-2023-3705

Affected Products

Cp-Plus Nvr

CVE-2023-3705

Weakness Enumeration

Related Identifiers

Affected Products

References · 4