MidnightBSD

Advisories for birddog

CVE-2023-2504

Files present on firmware images could allow an attacker to gain unauthorized access as a root user using hard-coded credentials.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 8.4 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.5 5.9

Products Affected

Vendor Product Version
birddog a300_firmware 3.4
birddog 4k_quad_firmware 4.5.181
birddog mini_firmware 2.6.2
birddog 4k_quad_firmware 4.5.196
birddog studio_r3_firmware 3.6.4
CVE-2023-2505

The affected products have a CSRF vulnerability that could allow an attacker to execute code and upload malicious files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 7.7 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N 3.1 4.0

Products Affected

Vendor Product Version
birddog a300_firmware 3.4
birddog 4k_quad_firmware 4.5.181
birddog mini_firmware 2.6.2
birddog 4k_quad_firmware 4.5.196
birddog studio_r3_firmware 3.6.4