CVE-2023-7077

EPSS 0.75%
Published 05.02.2024 07:15:09
Last modified 15.05.2025 20:15:29
Source psirt-info@cyber.jp.nec.com
Teams watchlist Login
Open Login

Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8) allows an attacker execute remote code by sending unintended parameters in http request.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Sharp ≫ Nec E705 Firmware Version-

Sharp ≫ Nec E705 Version-

Sharp ≫ Nec E805 Firmware Version-

Sharp ≫ Nec E805 Version-

Sharp ≫ Nec E905 Firmware Version-

Sharp ≫ Nec E905 Version-

Sharp ≫ Nec Md551c8 Firmware Version-

Sharp ≫ Nec Md551c8 Version-

Sharp ≫ Nec P403 Firmware Version-

Sharp ≫ Nec P403 Version-

Sharp ≫ Nec P463 Firmware Version-

Sharp ≫ Nec P463 Version-

Sharp ≫ Nec P553 Firmware Version-

Sharp ≫ Nec P553 Version-

Sharp ≫ Nec P703 Firmware Version-

Sharp ≫ Nec P703 Version-

Sharp ≫ Nec P801 Firmware Version-

Sharp ≫ Nec P801 Version-

Sharp ≫ Nec Un551s Firmware Version-

Sharp ≫ Nec Un551s Version-

Sharp ≫ Nec Un551vs Firmware Version-

Sharp ≫ Nec Un551vs Version-

Sharp ≫ Nec X464un Firmware Version-

Sharp ≫ Nec X464un Version-

Sharp ≫ Nec X464uns Firmware Version-

Sharp ≫ Nec X464uns Version-

Sharp ≫ Nec X464unv Firmware Version-

Sharp ≫ Nec X464unv Version-

Sharp ≫ Nec X474hb Firmware Version-

Sharp ≫ Nec X474hb Version-

Sharp ≫ Nec X551uhd Firmware Version-

Sharp ≫ Nec X551uhd Version-

Sharp ≫ Nec X554hb Firmware Version-

Sharp ≫ Nec X554hb Version-

Sharp ≫ Nec X554un Firmware Version-

Sharp ≫ Nec X554un Version-

Sharp ≫ Nec X554uns Firmware Version-

Sharp ≫ Nec X554uns Version-

Sharp ≫ Nec X554unv Firmware Version-

Sharp ≫ Nec X554unv Version-

Sharp ≫ Nec X555uns Firmware Version-

Sharp ≫ Nec X555uns Version-

Sharp ≫ Nec X555unv Firmware Version-

Sharp ≫ Nec X555unv Version-

Sharp ≫ Nec X651uhd Firmware Version-

Sharp ≫ Nec X651uhd Version-

Sharp ≫ Nec X754hb Firmware Version-

Sharp ≫ Nec X754hb Version-

Sharp ≫ Nec X841uhd Firmware Version-

Sharp ≫ Nec X841uhd Version-

Sharp ≫ Nec X981uhd Firmware Version-

Sharp ≫ Nec X981uhd Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.75%	0.721

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

https://www.sharp-nec-displays.com/global/support/info/A4_vulnerability.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-7077

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-7077

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-7077

EUVD