Medium severity4.7NVD Advisory· Published Feb 6, 2024· Updated Jun 17, 2026
CVE-2024-1253
CVE-2024-1253
Description
A vulnerability, which was classified as critical, has been found in Byzoro Smart S40 Management Platform up to 20240126. Affected by this issue is some unknown functionality of the file /useratte/web.php of the component Import Handler. The manipulation of the argument file_upload leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252992. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<2024-01-26+ 1 more
- (no CPE)range: <2024-01-26
- (no CPE)range: 20240126
Patches
Vulnerability mechanics
References
4- github.com/b51s77/cve/blob/main/upload.mdnvdExploit
- vuldb.comnvdThird Party Advisory
- vuldb.comnvdPermissions Required
- vuldb.comnvd
News mentions
0No linked articles in our index yet.