CVE-2023-38523

20.07.2023, 19:15

The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder before 1.15.61, N-Series N1x22A Video Encoder/Decoder before 1.15.61, N-Series N1x33A Video Encoder/Decoder before 1.15.61, N-Series N1x33 Video Encoder/Decoder before 1.15.61, N-Series N2x35 Video Encoder/Decoder before 1.15.61, N-Series N2x35A Video Encoder/Decoder before 1.15.61, N-Series N2xx2 Video Encoder/Decoder before 1.15.61, N-Series N2xx2A Video Encoder/Decoder before 1.15.61, N-Series N3000 Video Encoder/Decoder before 2.12.105, and N-Series N4321 Audio Transceiver before 1.00.06.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 49%

Vendor	Product	Version
samsung	fgn1115-wp-wh_firmware	𝑥 < 1.15.61
samsung	fgn1122-sa_firmware	𝑥 < 1.15.61
samsung	fgn1122-cd_firmware	𝑥 < 1.15.61
samsung	fgn1222-sa_firmware	𝑥 < 1.15.61
samsung	fgn1222-cd_firmware	𝑥 < 1.15.61
samsung	fgn1233-sa_firmware	𝑥 < 1.15.61
samsung	fgn1133-sa_firmware	𝑥 < 1.15.61
samsung	fgn1133-cd_firmware	𝑥 < 1.15.61
samsung	fgn1233-cd_firmware	𝑥 < 1.15.61
samsung	fgn1133a-sa_firmware	𝑥 < 1.15.61
samsung	fgn1233a-sa_firmware	𝑥 < 1.15.61
samsung	fgn1133a-cd_firmware	𝑥 < 1.15.61
samsung	fgn1233a-cd_firmware	𝑥 < 1.15.61
samsung	fgn2135-sa_firmware	𝑥 < 1.15.61
samsung	fgn2235-cd_firmware	𝑥 < 1.15.61
samsung	fgn2235-sa_firmware	𝑥 < 1.15.61
samsung	fgn2135-cd_firmware	𝑥 < 1.15.61
samsung	fgn2122-sa_firmware	𝑥 < 1.15.61
samsung	fgn2222-sa_firmware	𝑥 < 1.15.61
samsung	fgn2212-sa_firmware	𝑥 < 1.15.61
samsung	fgn2122-cd_firmware	𝑥 < 1.15.61
samsung	fgn2222-cd_firmware	𝑥 < 1.15.61
samsung	fgn2212-cd_firmware	𝑥 < 1.15.61
samsung	fgn2222a-sa_firmware	𝑥 < 1.15.61
samsung	fgn2122a-sa_firmware	𝑥 < 1.15.61
samsung	fgn2122a-cd_firmware	𝑥 < 1.15.61
samsung	fgn2222a-cd_firmware	𝑥 < 1.15.61
samsung	fgn3132a-sa_firmware	𝑥 < 2.12.105
samsung	fgn3132a-c_firmware	𝑥 < 2.12.105
samsung	fgn3232a-sa_firmware	𝑥 < 2.12.105
samsung	fgn3232a-c_firmware	𝑥 < 2.12.105
samsung	fgn4321-sa_firmware	𝑥 < 1.00.06
samsung	fgn4321-cd_firmware	𝑥 < 1.00.06