CVE-2023-1778 - Vulnerability Details - OpenCVE

This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems. The vulnerability has been addressed by forcing the user to change their default password to a new non-default password.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Gajshield	Data Security Firewall Data Security Firewall Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:o:gajshield:data_security_firewall_firmware::::::::
	cpe:2.3:o:gajshield:data_security_firewall_firmware::::::::

cpe:2.3:h:gajshield:data_security_firewall:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0119

History

Thu, 30 Jan 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: CERT-In

Published: 2023-04-27T09:33:19.070Z

Updated: 2025-01-30T21:02:01.047Z

Reserved: 2023-03-31T11:56:48.453Z

Link: CVE-2023-1778

Vulnrichment

Updated: 2024-08-02T05:57:25.233Z

NVD

Status : Modified

Published: 2023-04-27T10:15:09.160

Modified: 2024-11-21T07:39:53.357

Link: CVE-2023-1778

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1778", "assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c", "state": "PUBLISHED", "assignerShortName": "CERT-In", "dateReserved": "2023-03-31T11:56:48.453Z", "datePublished": "2023-04-27T09:33:19.070Z", "dateUpdated": "2025-01-30T21:02:01.047Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Data Security Firewall", "vendor": "GajShield", "versions": [{"lessThan": "4.28", "status": "affected", "version": "4.5", "versionType": "custom"}, {"status": "unaffected", "version": "4.21"}]}], "credits": [{"lang": "en", "type": "finder", "value": "This vulnerability is identified by Prashant Pandey from Indian Computer Emergency Response Team (CERT-In)."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.</p><br><br><p>The vulnerability has been addressed by forcing the user to change their default password to a new non-default password.</p><br>"}], "value": "This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.\n\nThe vulnerability has been addressed by forcing the user to change their default password to a new non-default password.\n"}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "CAPEC-114 Authentication Abuse"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "references": [{"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0119"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update GajShield Data Security Firewall firmware to latest version <br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://kb.gajshield.com/kbarticle?entryid=299&parentid=35\">https://kb.gajshield.com/kbarticle?entryid=299&parentid=35</a><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://kb.gajshield.com/kbarticle?entryid=318&parentid=35\">https://kb.gajshield.com/kbarticle?entryid=318&parentid=35</a><br>"}], "value": "Update GajShield Data Security Firewall firmware to latest version \n\n https://kb.gajshield.com/kbarticle?entryid=299&parentid=35 https://kb.gajshield.com/kbarticle \n https://kb.gajshield.com/kbarticle?entryid=318&parentid=35 https://kb.gajshield.com/kbarticle \n"}], "source": {"discovery": "UNKNOWN"}, "title": "Default Credential Vulnerability in GajShield Data Security Firewall", "providerMetadata": {"orgId": "66834db9-ab24-42b4-be80-296b2e40335c", "shortName": "CERT-In", "dateUpdated": "2023-04-28T11:05:32.435Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:57:25.233Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0119", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-30T21:01:20.268732Z", "id": "CVE-2023-1778", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-30T21:02:01.047Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0119", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:57:25.233Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-1778", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-30T21:01:20.268732Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-30T21:01:07.571Z"}}], "cna": {"title": "Default Credential Vulnerability in GajShield Data Security Firewall", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "This vulnerability is identified by Prashant Pandey from Indian Computer Emergency Response Team (CERT-In)."}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "CAPEC-114 Authentication Abuse"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 10, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "GajShield", "product": "Data Security Firewall", "versions": [{"status": "affected", "version": "4.5", "lessThan": "4.28", "versionType": "custom"}, {"status": "unaffected", "version": "4.21"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update GajShield Data Security Firewall firmware to latest version \n\n https://kb.gajshield.com/kbarticle?entryid=299&parentid=35 https://kb.gajshield.com/kbarticle \n https://kb.gajshield.com/kbarticle?entryid=318&parentid=35 https://kb.gajshield.com/kbarticle \n", "supportingMedia": [{"type": "text/html", "value": "Update GajShield Data Security Firewall firmware to latest version <br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://kb.gajshield.com/kbarticle?entryid=299&parentid=35\">https://kb.gajshield.com/kbarticle?entryid=299&parentid=35</a><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://kb.gajshield.com/kbarticle?entryid=318&parentid=35\">https://kb.gajshield.com/kbarticle?entryid=318&parentid=35</a><br>", "base64": false}]}], "references": [{"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0119"}], "descriptions": [{"lang": "en", "value": "This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.\n\nThe vulnerability has been addressed by forcing the user to change their default password to a new non-default password.\n", "supportingMedia": [{"type": "text/html", "value": "<p>This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.</p><br><br><p>The vulnerability has been addressed by forcing the user to change their default password to a new non-default password.</p><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287 Improper Authentication"}]}], "providerMetadata": {"orgId": "66834db9-ab24-42b4-be80-296b2e40335c", "shortName": "CERT-In", "dateUpdated": "2023-04-28T11:05:32.435Z"}}}, "cveMetadata": {"cveId": "CVE-2023-1778", "state": "PUBLISHED", "dateUpdated": "2025-01-30T21:02:01.047Z", "dateReserved": "2023-03-31T11:56:48.453Z", "assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c", "datePublished": "2023-04-27T09:33:19.070Z", "assignerShortName": "CERT-In"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:gajshield:data_security_firewall_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC450B0E-9218-431E-AF1E-66DAE043583E", "versionEndExcluding": "4.21", "vulnerable": true}, {"criteria": "cpe:2.3:o:gajshield:data_security_firewall_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8D28542-6331-414D-8C95-40D84D624BF1", "versionEndExcluding": "4.28", "versionStartIncluding": "4.22", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:gajshield:data_security_firewall:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DC0BE30-5990-4A63-A541-2455018D94EB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.\n\nThe vulnerability has been addressed by forcing the user to change their default password to a new non-default password.\n"}], "id": "CVE-2023-1778", "lastModified": "2024-11-21T07:39:53.357", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "vdisclose@cert-in.org.in", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-04-27T10:15:09.160", "references": [{"source": "vdisclose@cert-in.org.in", "tags": ["Third Party Advisory"], "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0119"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0119"}], "sourceIdentifier": "vdisclose@cert-in.org.in", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "vdisclose@cert-in.org.in", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-522"}], "source": "nvd@nist.gov", "type": "Primary"}]}