CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-27748

BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded firmware. This can allow attackers to upload crafted firmware which contains backdoors and enables arbitrary code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.2%

CVSS Severity

CVSS v3 Score 9.8

References

https://blackvue.com
https://github.com/eyJhb/blackvue-cve-2022
https://github.com/eyJhb/blackvue-cve-2023
https://shop.blackvue.com/product/dr750-2ch-ir-lte/
https://blackvue.com
https://github.com/eyJhb/blackvue-cve-2022
https://github.com/eyJhb/blackvue-cve-2023
https://shop.blackvue.com/product/dr750-2ch-ir-lte/

Products affected by CVE-2023-27748

Blackvue » Dr750-2ch Ir Lte » Version: N/A

cpe:2.3:h:blackvue:dr750-2ch_ir_lte:-
Blackvue » Dr750-2ch Lte » Version: N/A

cpe:2.3:h:blackvue:dr750-2ch_lte:-
Blackvue » Dr750-2ch Ir Lte Firmware » Version: 1.012_2022.10.26

cpe:2.3:o:blackvue:dr750-2ch_ir_lte_firmware:1.012_2022.10.26
Blackvue » Dr750-2ch Lte Firmware » Version: 1.012_2022.10.26

cpe:2.3:o:blackvue:dr750-2ch_lte_firmware:1.012_2022.10.26

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-27748

Products

Pricing

Contact Us