CVE-2023-47674
Published: Nov 16, 2023
Modified: Jun 11, 2025
Description
Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB, MD-404AB, and MD-808AB. As for the other products, apply the workaround.
| Vendor | Product | Versions |
|---|---|---|
First Co., Ltd. | CFR-904E, CFR-908E, CFR-916E | affected firmware all versions |
First Co., Ltd. | CFR-4EHD, CFR-8EHD, CFR-16EHD | affected firmware all versions |
First Co., Ltd. | CFR-4EHA, CFR-8EHA, CFR-16EHA | affected firmware all versions |
First Co., Ltd. | CFR-4EAAM, CFR-4EABC | affected firmware all versions |
First Co., Ltd. | CFR-4EAA, CFR-8EAA, CFR-16EAA | affected firmware all versions |
First Co., Ltd. | CFR-4EAB, CFR-8EAB, CFR-16EAB | affected firmware all versions |
First Co., Ltd. | CFR-1004EA, CFR-1008EA, CFR-1016EA | affected firmware all versions |
First Co., Ltd. | MD-404HD, MD-808HD | affected firmware all versions |
First Co., Ltd. | MD-404HA, MD-808HA | affected firmware all versions |
First Co., Ltd. | MD-404AA, MD-808AA | affected firmware all versions |
First Co., Ltd. | MD-404AB, MD-808AB | affected firmware all versions |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now