CVE-2023-30466

CRITICAL

Milesight Ms-n5008-uc Firmware - Password Reset Weakness

Title source: rule

Description

This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to a weak password reset mechanism at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http requests on the targeted device. Successful exploitation of this vulnerability could allow remote attacker to account takeover on the targeted device.

References (1)

[Third Party Advisory] https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0121

Scores

CVSS v3 9.8

EPSS 0.0120

EPSS Percentile 78.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-640

Status published

Affected Products (21)

milesight/ms-n5008-uc_firmware < 73.9.0.18-r2

milesight/ms-n1008-unc_firmware < 73.9.0.18-r2

milesight/ms-n1008-uc_firmware < 73.9.0.18-r2

milesight/ms-n1004-uc_firmware < 73.9.0.18-r2

milesight/ms-n5016-e_firmware < 75.9.0.18-r2

milesight/ms-n5008-e_firmware < 75.9.0.18-r2

milesight/ms-n7016-uh_firmware < 71.9.0.18-r2

milesight/ms-n7032-uh_firmware < 71.9.0.18-r2

milesight/ms-n8064-uh_firmware < 71.9.0.18-r2

milesight/ms-n8032-uh_firmware < 71.9.0.18-r2

milesight/ms-n1004-upc_firmware < 73.9.0.18-r2

milesight/ms-n1008-upc_firmware < 73.9.0.18-r2

milesight/ms-n1008-unpc_firmware < 73.9.0.18-r2

milesight/ms-n5008-upc_firmware < 73.9.0.18-r2

milesight/ms-n5016-pe_firmware < 75.9.0.18-r2

... and 6 more

Timeline

Published Apr 28, 2023

Tracked Since Feb 18, 2026