VYPR
Unrated severityNVD Advisory· Published Dec 4, 2023· Updated Feb 25, 2026

Improper input leads to DoS

CVE-2023-40460

Description

The ACEManager component of ALEOS 4.16 and earlier does not

validate uploaded file names and types, which could potentially allow

an authenticated user to perform client-side script execution within

ACEManager, altering the device functionality until the device is

restarted.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.