Byzoro Smart S150 Firmware vulnerabilities
3 known vulnerabilities affecting byzoro/smart_s150_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-0300P2CRITICALCVSS 9.8≤ 2024-01-012024-01-08
CVE-2024-0300 [CRITICAL] CWE-434 CVE-2024-0300: A vulnerability was found in Byzoro Smart S150 Management Platform up to 20240101. It has been rated
A vulnerability was found in Byzoro Smart S150 Management Platform up to 20240101. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php of the component HTTP POST Request Handler. The manipulation of the argument web_img leads to unrestricted upload. The attack may be launched
nvd
CVE-2024-0712P2CRITICALCVSS 9.8v31r02b152024-01-19
CVE-2024-0712 [CRITICAL] CWE-284 CVE-2024-0712: A vulnerability was found in Byzoro Smart S150 Management Platform V31R02B15. It has been classified
A vulnerability was found in Byzoro Smart S150 Management Platform V31R02B15. It has been classified as critical. Affected is an unknown function of the file /useratte/inc/userattea.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-
nvd
CVE-2024-0716P4MEDIUMCVSS 5.3v31r02b152024-01-19
CVE-2024-0716 [MEDIUM] CWE-200 CVE-2024-0716: A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V3
A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The e
nvd