CVE-2023-1778 (GCVE-0-2023-1778)
Vulnerability from cvelistv5 – Published: 2023-04-27 09:33 – Updated: 2025-01-30 21:02
VLAI
Title
Default Credential Vulnerability in GajShield Data Security Firewall
Summary
This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.
The vulnerability has been addressed by forcing the user to change their default password to a new non-default password.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| GajShield | Data Security Firewall |
Affected:
4.5 , < 4.28
(custom)
Unaffected: 4.21 |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:57:25.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0119"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1778",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T21:01:20.268732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T21:02:01.047Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Data Security Firewall",
"vendor": "GajShield",
"versions": [
{
"lessThan": "4.28",
"status": "affected",
"version": "4.5",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.21"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability is identified by Prashant Pandey from Indian Computer Emergency Response Team (CERT-In)."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThis vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThe vulnerability has been addressed by forcing the user to change their default password to a new non-default password.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.\n\nThe vulnerability has been addressed by forcing the user to change their default password to a new non-default password.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-28T11:05:32.435Z",
"orgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"shortName": "CERT-In"
},
"references": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0119"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update GajShield Data Security Firewall firmware to latest version \u003cbr\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://kb.gajshield.com/kbarticle?entryid=299\u0026amp;parentid=35\"\u003ehttps://kb.gajshield.com/kbarticle?entryid=299\u0026amp;parentid=35\u003c/a\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://kb.gajshield.com/kbarticle?entryid=318\u0026amp;parentid=35\"\u003ehttps://kb.gajshield.com/kbarticle?entryid=318\u0026amp;parentid=35\u003c/a\u003e\u003cbr\u003e"
}
],
"value": "Update GajShield Data Security Firewall firmware to latest version \n\n https://kb.gajshield.com/kbarticle?entryid=299\u0026parentid=35 https://kb.gajshield.com/kbarticle \n https://kb.gajshield.com/kbarticle?entryid=318\u0026parentid=35 https://kb.gajshield.com/kbarticle \n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Default Credential Vulnerability in GajShield Data Security Firewall"
}
},
"cveMetadata": {
"assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c",
"assignerShortName": "CERT-In",
"cveId": "CVE-2023-1778",
"datePublished": "2023-04-27T09:33:19.070Z",
"dateReserved": "2023-03-31T11:56:48.453Z",
"dateUpdated": "2025-01-30T21:02:01.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-1778",
"date": "2026-06-07",
"epss": "0.00854",
"percentile": "0.75328"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:gajshield:data_security_firewall_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.21\", \"matchCriteriaId\": \"CC450B0E-9218-431E-AF1E-66DAE043583E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:gajshield:data_security_firewall_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.22\", \"versionEndExcluding\": \"4.28\", \"matchCriteriaId\": \"D8D28542-6331-414D-8C95-40D84D624BF1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:gajshield:data_security_firewall:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DC0BE30-5990-4A63-A541-2455018D94EB\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.\\n\\nThe vulnerability has been addressed by forcing the user to change their default password to a new non-default password.\\n\"}]",
"id": "CVE-2023-1778",
"lastModified": "2024-11-21T07:39:53.357",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"vdisclose@cert-in.org.in\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 10.0, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
"published": "2023-04-27T10:15:09.160",
"references": "[{\"url\": \"https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0119\", \"source\": \"vdisclose@cert-in.org.in\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0119\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "vdisclose@cert-in.org.in",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"vdisclose@cert-in.org.in\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-522\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-1778\",\"sourceIdentifier\":\"vdisclose@cert-in.org.in\",\"published\":\"2023-04-27T10:15:09.160\",\"lastModified\":\"2024-11-21T07:39:53.357\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.\\n\\nThe vulnerability has been addressed by forcing the user to change their default password to a new non-default password.\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"vdisclose@cert-in.org.in\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"vdisclose@cert-in.org.in\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-522\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:gajshield:data_security_firewall_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.21\",\"matchCriteriaId\":\"CC450B0E-9218-431E-AF1E-66DAE043583E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:gajshield:data_security_firewall_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.22\",\"versionEndExcluding\":\"4.28\",\"matchCriteriaId\":\"D8D28542-6331-414D-8C95-40D84D624BF1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:gajshield:data_security_firewall:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DC0BE30-5990-4A63-A541-2455018D94EB\"}]}]}],\"references\":[{\"url\":\"https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0119\",\"source\":\"vdisclose@cert-in.org.in\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0119\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0119\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T05:57:25.233Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-1778\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-30T21:01:20.268732Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-30T21:01:07.571Z\"}}], \"cna\": {\"title\": \"Default Credential Vulnerability in GajShield Data Security Firewall\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"This vulnerability is identified by Prashant Pandey from Indian Computer Emergency Response Team (CERT-In).\"}], \"impacts\": [{\"capecId\": \"CAPEC-114\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-114 Authentication Abuse\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 10, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"GajShield\", \"product\": \"Data Security Firewall\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.5\", \"lessThan\": \"4.28\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"4.21\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Update GajShield Data Security Firewall firmware to latest version \\n\\n https://kb.gajshield.com/kbarticle?entryid=299\u0026parentid=35 https://kb.gajshield.com/kbarticle \\n https://kb.gajshield.com/kbarticle?entryid=318\u0026parentid=35 https://kb.gajshield.com/kbarticle \\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Update GajShield Data Security Firewall firmware to latest version \u003cbr\u003e\u003cbr\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://kb.gajshield.com/kbarticle?entryid=299\u0026amp;parentid=35\\\"\u003ehttps://kb.gajshield.com/kbarticle?entryid=299\u0026amp;parentid=35\u003c/a\u003e\u003cbr\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://kb.gajshield.com/kbarticle?entryid=318\u0026amp;parentid=35\\\"\u003ehttps://kb.gajshield.com/kbarticle?entryid=318\u0026amp;parentid=35\u003c/a\u003e\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2023-0119\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.\\n\\nThe vulnerability has been addressed by forcing the user to change their default password to a new non-default password.\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThis vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThe vulnerability has been addressed by forcing the user to change their default password to a new non-default password.\u003c/p\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"CWE-287 Improper Authentication\"}]}], \"providerMetadata\": {\"orgId\": \"66834db9-ab24-42b4-be80-296b2e40335c\", \"shortName\": \"CERT-In\", \"dateUpdated\": \"2023-04-28T11:05:32.435Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-1778\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-30T21:02:01.047Z\", \"dateReserved\": \"2023-03-31T11:56:48.453Z\", \"assignerOrgId\": \"66834db9-ab24-42b4-be80-296b2e40335c\", \"datePublished\": \"2023-04-27T09:33:19.070Z\", \"assignerShortName\": \"CERT-In\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…