CVE-2023-2505

HIGH7.7JSON export Create alert

Description

The affected products have a CSRF vulnerability that could allow an attacker to execute code and upload malicious files.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

High

Availability

None

Affected products

BirdDog / 4K QUAD4.5.181 – 4.5.181
BirdDog / 4K QUAD4.5.196 – 4.5.196
BirdDog / A300 EYES3.4 – 3.4
BirdDog / MINI2.6.2 – 2.6.2
BirdDog / STUDIO R33.6.4 – 3.6.4

References

VENDOR_ADVISORYhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-131-11
MISChttps://birddog.tv/downloads/