Unrated severityNVD Advisory· Published Dec 4, 2023· Updated Feb 25, 2026
Improper input leads to DoS
CVE-2023-40460
Description
The ACEManager component of ALEOS 4.16 and earlier does not
validate uploaded file names and types, which could potentially allow
an authenticated user to perform client-side script execution within
ACEManager, altering the device functionality until the device is
restarted.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=4.16+ 1 more
- (no CPE)range: <=4.16
- (no CPE)range: 4.10
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.