Vulnerability Details CVE-2023-48121
An authentication bypass vulnerability in the Direct Connection Module in Ezviz CS-C6N-xxx prior to v5.3.x build 20230401, Ezviz CS-CV310-xxx prior to v5.3.x build 20230401, Ezviz CS-C6CN-xxx prior to v5.3.x build 20230401, Ezviz CS-C3N-xxx prior to v5.3.x build 20230401 allows remote attackers to obtain sensitive information by sending crafted messages to the affected devices.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.7%
CVSS Severity
CVSS v3 Score 5.3
References
- https://joerngermany.github.io/ezviz_vulnerability/
- https://www.ezviz.com/data-security/security-notice/detail/911
- https://www.hikvision.com/hk/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-products/
- https://joerngermany.github.io/ezviz_vulnerability/
- https://www.ezviz.com/data-security/security-notice/detail/911
- https://www.hikvision.com/hk/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-products/
Products affected by CVE-2023-48121
-
cpe:2.3:h:ezviz:cs-c3n-a0-3h2wfrl:-
-
cpe:2.3:h:ezviz:cs-c6cn-a0-3h2wfr:-
-
cpe:2.3:h:ezviz:cs-c6n-a0-1c2wfr:-
-
cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr:-
-
cpe:2.3:o:ezviz:cs-c3n-a0-3h2wfrl_firmware:-
-
cpe:2.3:o:ezviz:cs-c6cn-a0-3h2wfr_firmware:-
-
cpe:2.3:o:ezviz:cs-c6n-a0-1c2wfr_firmware:-
-
cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr_firmware:-