Amtt Hotel Broadband Operation System vulnerabilities
8 known vulnerabilities affecting amtt/hotel_broadband_operation_system.
Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-2701P2CRITICALCVSS 9.8v1.02025-03-24
CVE-2025-2701 [CRITICAL] CWE-77 CVE-2025-2701: A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This
A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/port_setup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState leads to os command injection. The attack can be initiated remotely. The ex
nvd
CVE-2025-3983P2HIGHCVSS 7.2v1.02025-04-27
CVE-2025-3983 [HIGH] CWE-74 CVE-2025-3983: A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critic
A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manager/system/nlog_down.php. The manipulation of the argument ProtocolType leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the p
nvd
CVE-2025-12253P3CRITICALCVSS 9.8v1.02025-10-27
CVE-2025-12253 [CRITICAL] CWE-74 CVE-2025-12253: A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulner
A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/get_expiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendo
nvd
CVE-2024-11051P3HIGHCVSS 8.8v3.0.3.1512042024-11-10
CVE-2024-11051 [HIGH] CWE-74 CVE-2024-11051: A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been c
A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/online_status.php. The manipulation of the argument AccountID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to th
nvd
CVE-2025-13123P3CRITICALCVSS 9.8v1.02025-11-13
CVE-2025-13123 [CRITICAL] CWE-74 CVE-2025-13123: A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unkno
A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/get_firstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early
nvd
CVE-2025-14090P3HIGHCVSS 7.2v1.02025-12-05
CVE-2025-14090 [HIGH] CWE-74 CVE-2025-14090: A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an un
A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an unknown part of the file /manager/card/cardmake_down.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. The vendor was
nvd
CVE-2024-11050P4MEDIUMCVSS 5.4v3.0.3.1512042024-11-10
CVE-2024-11050 [MEDIUM] CWE-79 CVE-2024-11050: A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204 and classified
A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204 and classified as problematic. This issue affects some unknown processing of the file /language.php. The manipulation of the argument LangID/LangName/LangEName leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the
nvd
CVE-2026-7697P4MEDIUMCVSS 4.7v1.02026-05-03
CVE-2026-7697 [MEDIUM] CWE-74 CVE-2026-7697: A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown
A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand_submit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early a
nvd