CVE-2023-23575

Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker to bypass access restriction and access Network Maintenance page, which may result in obtaining the network information of the product. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131).

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://jvn.jp/en/vu/JVNVU96198617/	Third Party Advisory
https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf	Mitigation Vendor Advisory
https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware	Product
https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware	Product
https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware	Product
https://jvn.jp/en/vu/JVNVU96198617/	Third Party Advisory
https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf	Mitigation Vendor Advisory
https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware	Product
https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware	Product
https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware	Product

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:contec:cps-mg341-adsc1-111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mg341-adsc1-111:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:contec:cps-mg341-adsc1-931_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mg341-adsc1-931:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:contec:cps-mg341g-adsc1-111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mg341g-adsc1-111:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:contec:cps-mg341g-adsc1-930_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mg341g-adsc1-930:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:contec:cps-mg341g5-adsc1-931_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mg341g5-adsc1-931:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:contec:cps-mc341-adsc1-111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mc341-adsc1-111:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:contec:cps-mc341-adsc1-931_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mc341-adsc1-931:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:contec:cps-mc341-adsc2-111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mc341-adsc2-111:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:contec:cps-mc341g-adsc1-110_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mc341g-adsc1-110:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:contec:cps-mc341q-adsc1-111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mc341q-adsc1-111:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:contec:cps-mc341-ds1-111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mc341-ds1-111:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:contec:cps-mc341-ds11-111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mc341-ds11-111:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:contec:cps-mc341-ds2-911_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mc341-ds2-911:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:contec:cps-mc341-a1-111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mc341-a1-111:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:contec:cps-mcs341-ds1-111_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mcs341-ds1-111:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:contec:cps-mcs341-ds1-131_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mcs341-ds1-131:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:contec:cps-mcs341g-ds1-130_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mcs341g-ds1-130:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:contec:cps-mcs341g5-ds1-130_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mcs341g5-ds1-130:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:contec:cps-mcs341q-ds1-131_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:cps-mcs341q-ds1-131:-:*:*:*:*:*:*:*

History

11 Feb 2025, 16:15

Type	Values Removed	Values Added
CWE		CWE-284

21 Nov 2024, 07:46

Type	Values Removed	Values Added
References	~~() https://jvn.jp/en/vu/JVNVU96198617/ - Third Party Advisory~~	() https://jvn.jp/en/vu/JVNVU96198617/ - Third Party Advisory
References	~~() https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf - Mitigation, Vendor Advisory~~	() https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf - Mitigation, Vendor Advisory
References	~~() https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware - Product~~	() https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware - Product
References	~~() https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware - Product~~	() https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware - Product
References	~~() https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware - Product~~	() https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware - Product

18 Apr 2023, 19:36

Type	Values Removed	Values Added
References	~~(MISC) https://jvn.jp/en/vu/JVNVU96198617/ -~~	(MISC) https://jvn.jp/en/vu/JVNVU96198617/ - Third Party Advisory
References	~~(MISC) https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware -~~	(MISC) https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware - Product
References	~~(MISC) https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf -~~	(MISC) https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf - Mitigation, Vendor Advisory
References	~~(MISC) https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware -~~	(MISC) https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware - Product
References	~~(MISC) https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware -~~	(MISC) https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware - Product
First Time		Contec cps-mc341-adsc1-931 Contec cps-mc341-ds11-111 Firmware Contec cps-mg341-adsc1-111 Contec cps-mcs341g-ds1-130 Firmware Contec cps-mc341-adsc1-111 Firmware Contec cps-mc341q-adsc1-111 Contec cps-mcs341g5-ds1-130 Firmware Contec cps-mg341-adsc1-111 Firmware Contec cps-mg341g-adsc1-930 Contec cps-mc341-ds1-111 Firmware Contec cps-mcs341g5-ds1-130 Contec cps-mc341-ds2-911 Firmware Contec cps-mc341-a1-111 Contec cps-mcs341q-ds1-131 Contec cps-mcs341-ds1-111 Contec cps-mc341-ds11-111 Contec cps-mg341g-adsc1-111 Firmware Contec cps-mcs341-ds1-131 Contec cps-mc341-adsc1-931 Firmware Contec cps-mc341-adsc2-111 Contec cps-mg341-adsc1-931 Contec cps-mc341q-adsc1-111 Firmware Contec cps-mg341g5-adsc1-931 Firmware Contec cps-mc341-ds2-911 Contec cps-mg341g-adsc1-111 Contec cps-mcs341q-ds1-131 Firmware Contec cps-mc341g-adsc1-110 Contec cps-mc341g-adsc1-110 Firmware Contec Contec cps-mcs341g-ds1-130 Contec cps-mc341-a1-111 Firmware Contec cps-mc341-adsc1-111 Contec cps-mg341g5-adsc1-931 Contec cps-mcs341-ds1-111 Firmware Contec cps-mg341-adsc1-931 Firmware Contec cps-mcs341-ds1-131 Firmware Contec cps-mg341g-adsc1-930 Firmware Contec cps-mc341-adsc2-111 Firmware Contec cps-mc341-ds1-111
CPE		cpe:2.3:h:contec:cps-mc341q-adsc1-111:-:::::::* cpe:2.3:h:contec:cps-mc341-ds1-111:-:::::::* cpe:2.3:o:contec:cps-mc341q-adsc1-111_firmware:::::::: cpe:2.3:o:contec:cps-mc341-a1-111_firmware:::::::: cpe:2.3:h:contec:cps-mg341-adsc1-111:-:::::::* cpe:2.3:h:contec:cps-mc341-adsc1-111:-:::::::* cpe:2.3:h:contec:cps-mcs341-ds1-131:-:::::::* cpe:2.3:h:contec:cps-mc341-a1-111:-:::::::* cpe:2.3:h:contec:cps-mc341-adsc2-111:-:::::::* cpe:2.3:o:contec:cps-mcs341g5-ds1-130_firmware:::::::: cpe:2.3:h:contec:cps-mcs341-ds1-111:-:::::::* cpe:2.3:o:contec:cps-mc341g-adsc1-110_firmware:::::::: cpe:2.3:o:contec:cps-mcs341g-ds1-130_firmware:::::::: cpe:2.3:h:contec:cps-mg341-adsc1-931:-:::::::* cpe:2.3:h:contec:cps-mcs341q-ds1-131:-:::::::* cpe:2.3:o:contec:cps-mc341-ds2-911_firmware:::::::: cpe:2.3:o:contec:cps-mcs341-ds1-131_firmware:::::::: cpe:2.3:o:contec:cps-mg341g-adsc1-930_firmware:::::::: cpe:2.3:o:contec:cps-mc341-ds11-111_firmware:::::::: cpe:2.3:h:contec:cps-mc341-ds2-911:-:::::::* cpe:2.3:o:contec:cps-mg341-adsc1-111_firmware:::::::: cpe:2.3:h:contec:cps-mc341-ds11-111:-:::::::* cpe:2.3:h:contec:cps-mc341g-adsc1-110:-:::::::* cpe:2.3:o:contec:cps-mc341-adsc2-111_firmware:::::::: cpe:2.3:o:contec:cps-mc341-ds1-111_firmware:::::::: cpe:2.3:h:contec:cps-mcs341g-ds1-130:-:::::::* cpe:2.3:o:contec:cps-mg341g5-adsc1-931_firmware:::::::: cpe:2.3:o:contec:cps-mg341-adsc1-931_firmware:::::::: cpe:2.3:h:contec:cps-mc341-adsc1-931:-:::::::* cpe:2.3:h:contec:cps-mcs341g5-ds1-130:-:::::::* cpe:2.3:h:contec:cps-mg341g-adsc1-111:-:::::::* cpe:2.3:h:contec:cps-mg341g-adsc1-930:-:::::::* cpe:2.3:h:contec:cps-mg341g5-adsc1-931:-:::::::* cpe:2.3:o:contec:cps-mc341-adsc1-111_firmware:::::::: cpe:2.3:o:contec:cps-mc341-adsc1-931_firmware:::::::: cpe:2.3:o:contec:cps-mcs341q-ds1-131_firmware:::::::: cpe:2.3:o:contec:cps-mg341g-adsc1-111_firmware:::::::: cpe:2.3:o:contec:cps-mcs341-ds1-111_firmware::::::::
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.3

11 Apr 2023, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-04-11 09:15

Updated : 2025-02-11 16:15

NVD link : CVE-2023-23575

Mitre link : CVE-2023-23575

CVE.ORG link : CVE-2023-23575

JSON object : View

Products Affected

contec

cps-mc341-a1-111
cps-mg341g5-adsc1-931
cps-mc341-ds1-111
cps-mc341g-adsc1-110
cps-mc341-ds2-911_firmware
cps-mg341-adsc1-111
cps-mg341-adsc1-931_firmware
cps-mcs341g5-ds1-130_firmware
cps-mcs341g-ds1-130
cps-mc341g-adsc1-110_firmware
cps-mc341q-adsc1-111
cps-mc341-adsc1-931
cps-mc341-adsc2-111
cps-mg341g-adsc1-111_firmware
cps-mg341-adsc1-111_firmware
cps-mcs341q-ds1-131
cps-mc341q-adsc1-111_firmware
cps-mg341g-adsc1-930
cps-mcs341q-ds1-131_firmware
cps-mc341-adsc1-111
cps-mg341-adsc1-931
cps-mcs341g5-ds1-130
cps-mc341-ds2-911
cps-mc341-a1-111_firmware
cps-mcs341g-ds1-130_firmware
cps-mcs341-ds1-131
cps-mg341g-adsc1-930_firmware
cps-mc341-adsc1-111_firmware
cps-mc341-adsc2-111_firmware
cps-mg341g5-adsc1-931_firmware
cps-mc341-ds11-111
cps-mcs341-ds1-111_firmware
cps-mcs341-ds1-111
cps-mc341-ds1-111_firmware
cps-mg341g-adsc1-111
cps-mc341-ds11-111_firmware
cps-mcs341-ds1-131_firmware
cps-mc341-adsc1-931_firmware

CWE

NVD-CWE-noinfo CWE-284

Improper Access Control

4.3 /10