Unrated severityNVD Advisory· Published Nov 16, 2023· Updated Jun 11, 2025

CVE-2023-47674

Description

Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB, MD-404AB, and MD-808AB. As for the other products, apply the workaround.

Affected products

First Co., Ltd./Cfr 4eab, Cfr 8eab, Cfr 16eabv5
Range: firmware all versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/vu/JVNVU99077347/mitre
www.c-first.co.jp/information/ddososhirase/mitre
www.c-first.co.jp/wp/wp-content/uploads/2023/11/tuushin.pdfmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000