Critical severity9.1NVD Advisory· Published Jan 26, 2023· Updated Jun 17, 2026
CVE-2023-0321
CVE-2023-0321
Description
Campbell Scientific dataloggers CR6, CR300, CR800, CR1000 and CR3000 may allow an attacker to download configuration files, which may contain sensitive information about the internal network. From factory defaults, the mentioned datalogges have HTTP and PakBus enabled. The devices, with the default configuration, allow this situation via the PakBus port. The exploitation of this vulnerability may allow an attacker to download, modify, and upload new configuration files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6(expand)+ 1 more
- (no CPE)
- (no CPE)range: all version
(expand)+ 1 more
- (no CPE)
- (no CPE)range: all version
Patches
Vulnerability mechanics
References
2- www.hackplayers.com/2023/01/cve-2023-0321-info-sensible-campbell.htmlnvdExploitThird Party Advisory
- www.incibe-cert.es/en/early-warning/ics-advisories/disclosure-sensitive-information-campbell-scientific-productsnvdMitigationThird Party Advisory
News mentions
0No linked articles in our index yet.