CVE-2023-45801

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-45801
Improper Authentication vulnerability in Nadatel DVR allows Information Elicitation.This issue affects DVR: from 3.0.0 before 9.9.0.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
http://www.nadatel.com/ Product
http://www.nadatel.com/ Product
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:nadatel:at-0402r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0402r:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:nadatel:at-0815r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0815r:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:nadatel:at-1623r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1623r:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:nadatel:at-0402l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0402l:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:nadatel:at-0815l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0815l:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:nadatel:at-1623l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1623l:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:nadatel:at-0402e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0402e:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:nadatel:at-0815e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0815e:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:nadatel:at-1623e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1623e:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:nadatel:at-0402m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0402m:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:nadatel:at-0815m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0815m:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:nadatel:at-1623m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1623m:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:nadatel:at-0413m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0413m:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:nadatel:at-0823m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0823m:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:nadatel:at-1643m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1643m:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:nadatel:at-0413s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0413s:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:nadatel:at-0823s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0823s:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:nadatel:at-1643s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1643s:-:*:*:*:*:*:*:*
History

21 Nov 2024, 08:27

Type Values Removed Values Added
References () http://www.nadatel.com/ - Product () http://www.nadatel.com/ - Product

15 Dec 2023, 17:12

Type Values Removed Values Added
References () http://www.nadatel.com/ - () http://www.nadatel.com/ - Product
CWE CWE-287
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
CPE cpe:2.3:o:nadatel:at-0413s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0823m:-:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-0402m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0815r:-:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0815l:-:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-0402l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1623e:-:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0402r:-:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-1643m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1623r:-:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0413s:-:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-0815r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-0823m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0823s:-:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1623l:-:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1643m:-:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-0402r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-0823s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1643s:-:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0402l:-:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-0815e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0413m:-:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0402e:-:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0815e:-:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-1643s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-1623r_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-0815m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-0815l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-1623m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-1623e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-0402e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0815m:-:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-0402m:-:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-1623l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nadatel:at-1623m:-:*:*:*:*:*:*:*
cpe:2.3:o:nadatel:at-0413m_firmware:*:*:*:*:*:*:*:*

13 Dec 2023, 03:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-12-13 03:15

Updated : 2024-11-21 08:27

NVD link : CVE-2023-45801

Mitre link : CVE-2023-45801

CVE.ORG link : CVE-2023-45801

JSON object : View

Products Affected

nadatel

  • at-0402m
  • at-0815l_firmware
  • at-0815e_firmware
  • at-1643s
  • at-1623r
  • at-0815e
  • at-0823m
  • at-0815r_firmware
  • at-0402r_firmware
  • at-0815m_firmware
  • at-1643m_firmware
  • at-1623e
  • at-1643s_firmware
  • at-0815l
  • at-1623r_firmware
  • at-0823s_firmware
  • at-1623e_firmware
  • at-0413m
  • at-0815r
  • at-1623l_firmware
  • at-0815m
  • at-0402l_firmware
  • at-1623m_firmware
  • at-0823m_firmware
  • at-0402e_firmware
  • at-0402r
  • at-0413s
  • at-1623m
  • at-0823s
  • at-1623l
  • at-0402e
  • at-0402m_firmware
  • at-0413m_firmware
  • at-1643m
  • at-0413s_firmware
  • at-0402l
CWE
CWE-287

Improper Authentication