CVE-2023-2504
published 2023-05-22

CVE-2023-2504: Files present on firmware images could allow an attacker to gain unauthorized access as a root user using hard-coded credentials.

Priority: P260 · Severity: critical · CVSS 3.1 base score: 9.8
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.46% (36.6th percentile)

Affected (10 ranges)

Vendor    Product                  Version range    Fixed in
birddog   4k_quad
birddog   4k_quad
birddog   4k_quad_firmware
birddog   4k_quad_firmware
birddog   a300_eyes
birddog   a300_firmware
birddog   mini
birddog   mini_firmware
birddog   studio_r3
birddog   studio_r3_firmware

Detection & IOCs (extracted from sources)

  • CVE-2023-2504 involves hard-coded root credentials embedded in BirdDog firmware images. Detect by identifying default/hard-coded root-level credential usage on affected BirdDog camera/encoder devices.
  • Affected firmware versions to flag in asset inventory or network scanning: BirdDog 4K QUAD versions 4.5.181 and 4.5.196, MINI version 2.6.2, A300 EYES version 3.4, STUDIO R3 version 3.6.4.
  • Monitor for unauthorized root-level authentication attempts or successful root logins on BirdDog camera/encoder devices, which may indicate exploitation of hard-coded credentials.
  • The CVSS vector indicates local access (AV:L) is required for exploitation, meaning an attacker needs access to the firmware image or local system to extract the hard-coded credentials, though the advisory also notes the vulnerability is 'exploitable remotely' once credentials are obtained.
  • No specific hard-coded credential values (usernames/passwords) are disclosed in the public advisories, limiting direct credential-based detection rules.
  • No known public exploits specifically targeting this vulnerability were identified at time of advisory publication.