CVE-2023-38585

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 23, 2023

Updated: Aug 29, 2023

CWE ID 287

Summary

CVE-2023-38585 is an authentication vulnerability affecting certain CBC products. This issue enables a remote, authenticated attacker to execute arbitrary OS commands or alter settings on the device. The specific products and their versions vulnerable to this vulnerability should be checked on the vendor's detailed information. It is important to note that older versions of NR4H, NR8H, NR16H series, and DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series are no longer supported and will not receive updates to address this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sSaYSh
https://www.cve.org/CVERecord?id=CVE-2023-38585
https://nvd.nist.gov/vuln/detail/CVE-2023-38585

Back to Vulnerability Database

CVE-2023-38585

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations