CVE-2023-30466
Published 2023-04-28
Priority P261 | critical | 9.8 CVSS 3.1
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.13% (62.4th percentile)
This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC) due to a weak password reset mechanism in the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the targeted device.
Successful exploitation of this vulnerability could allow a remote attacker to take over an account on the targeted device.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| milesight | ms-n1004-uc_firmware | < 73.9.0.18-r2 | 73.9.0.18-r2 |
| milesight | ms-n1004-upc_firmware | < 73.9.0.18-r2 | 73.9.0.18-r2 |
| milesight | ms-n1008-uc_firmware | < 73.9.0.18-r2 | 73.9.0.18-r2 |
| milesight | ms-n1008-unc_firmware | < 73.9.0.18-r2 | 73.9.0.18-r2 |
| milesight | ms-n1008-unpc_firmware | < 73.9.0.18-r2 | 73.9.0.18-r2 |
| milesight | ms-n1008-upc_firmware | < 73.9.0.18-r2 | 73.9.0.18-r2 |
| milesight | ms-n5008-e_firmware | < 75.9.0.18-r2 | 75.9.0.18-r2 |
| milesight | ms-n5008-pe_firmware | < 75.9.0.18-r2 | 75.9.0.18-r2 |
| milesight | ms-n5008-uc_firmware | < 73.9.0.18-r2 | 73.9.0.18-r2 |
| milesight | ms-n5008-upc_firmware | < 73.9.0.18-r2 | 73.9.0.18-r2 |
| milesight | ms-n5016-e_firmware | < 75.9.0.18-r2 | 75.9.0.18-r2 |
| milesight | ms-n5016-pe_firmware | < 75.9.0.18-r2 | 75.9.0.18-r2 |
| milesight | ms-n7016-uh_firmware | < 71.9.0.18-r2 | 71.9.0.18-r2 |
| milesight | ms-n7016-uph_firmware | < 71.9.0.18-r2 | 71.9.0.18-r2 |
| milesight | ms-n7032-uh_firmware | < 71.9.0.18-r2 | 71.9.0.18-r2 |
| milesight | ms-n7032-uph_firmware | < 71.9.0.18-r2 | 71.9.0.18-r2 |
| milesight | ms-n7048-uph_firmware | < 71.9.0.18-r2 | 71.9.0.18-r2 |
| milesight | ms-n8032-uh_firmware | < 71.9.0.18-r2 | 71.9.0.18-r2 |
| milesight | ms-n8064-uh_firmware | < 71.9.0.18-r2 | 71.9.0.18-r2 |
| milesight | ms-nxxxx-xxg_firmware | < 77.9.0.18-r2 | 77.9.0.18-r2 |
| milesight | ms-nxxxx-xxt_firmware | < 72.9.0.18-r2 | 72.9.0.18-r2 |
| milesight | nvr_ms-nxxxx-xxc | >= 73.X < 73.9.0.18-r2 | 73.9.0.18-r2 |
| milesight | nvr_ms-nxxxx-xxe | >= 75.X < 75.9.0.18-r2 | 75.9.0.18-r2 |
| milesight | nvr_ms-nxxxx-xxg | >= 77.X < 77.9.0.18-r2 | 77.9.0.18-r2 |
| milesight | nvr_ms-nxxxx-xxh | >= 71.X < 71.9.0.18-r2 | 71.9.0.18-r2 |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.