CVE-2023-38433
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-38433
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900ⅡD / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Fujitsu Real-time Video Transmission Gear IP series 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Fujitsu Real-time Video Transmission Gear IP series是日本富士通(Fujitsu)公司的一个实时视频传输设备。 Fujitsu Real-time Video Transmission Gear IP series 存在安全漏洞,该漏洞源于存在硬编码凭据漏洞。攻击者可以利用此漏洞在未经身份验证的情况下初始化或重启设备,从而导致视频传输终止。受影响的产品和版本如下:IP-HE950E 固件版本 V01L001 至 V01L053,IP-HE950D 固件版本
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Fujitsu Limited | IP-HE950E | firmware versions V01L001 to V01L053 | - | |
| Fujitsu Limited | IP-HE950D | firmware versions V01L001 to V01L053 | - | |
| Fujitsu Limited | IP-HE900E | firmware versions V01L001 to V01L010 | - | |
| Fujitsu Limited | IP-HE900D | firmware versions V01L001 to V01L004 | - | |
| Fujitsu Limited | IP-900E / IP-920E | firmware versions V01L001 to V02L061 | - | |
| Fujitsu Limited | IP-900D / IP-900ⅡD / IP-920D | firmware versions V01L001 to V02L061 | - | |
| Fujitsu Limited | IP-90 | firmware versions V01L001 to V01L013 | - | |
| Fujitsu Limited | IP-9610 | firmware versions V01L001 to V02L007 | - |
II. Public POCs for CVE-2023-38433
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Fujitsu Real-time Video Transmission Gear “IP series” use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. The credentials cannot be changed by the end-user and provide administrative access to the devices. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-38433.yaml | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-38433
请登录查看更多情报信息。
V. Comments for CVE-2023-38433
No comments yet