Smart S200 Management Platform
by Byzoro
CVEs (19)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-4904 | Med | 0.41 | 6.3 | 0.00 | May 15, 2024 | A vulnerability was found in Byzoro Smart S200 Management Platform up to 20240507. It has been rated as critical. This issue affects some unknown processing of the file /useratte/userattestation.php. The manipulation of the argument web_img leads to unrestricted upload. The… | ||
| CVE-2024-4019 | Med | 0.41 | 6.3 | 0.00 | Apr 20, 2024 | A vulnerability classified as critical has been found in Byzoro Smart S80 Management Platform up to 20240411. Affected is an unknown function of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. It is possible to launch the attack remotely.… | ||
| CVE-2024-3521 | Med | 0.31 | 4.7 | 0.00 | Apr 9, 2024 | A vulnerability was found in Byzoro Smart S80 Management Platform up to 20240317. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php. The manipulation of the argument web_img leads to unrestricted upload.… | ||
| CVE-2024-0939 | 0.07 | — | 0.88 | Jan 26, 2024 | A vulnerability has been found in Byzoro Smart S210 Management Platform up to 20240117 and classified as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack can… | |||
| CVE-2023-4120 | 0.05 | — | 0.63 | Aug 3, 2023 | A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230722 and classified as critical. This issue affects some unknown processing of the file importhtml.php. The manipulation of the argument sql leads to command injection. The attack may be initiated… | |||
| CVE-2023-5684 | 0.01 | — | 0.09 | Oct 21, 2023 | A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231012. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /importexport.php. The manipulation leads to os command injection. The attack can be… | |||
| CVE-2023-5683 | 0.01 | — | 0.18 | Oct 21, 2023 | A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231010 and classified as critical. This issue affects some unknown processing of the file /sysmanage/importconf.php. The manipulation of the argument btn_file_renew leads to os command injection. The… | |||
| CVE-2024-1918 | 0.00 | — | 0.00 | Feb 27, 2024 | A vulnerability has been found in Byzoro Smart S42 Management Platform up to 20240219 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /useratte/userattestation.php. The manipulation of the argument hidwel leads to unrestricted… | |||
| CVE-2024-1254 | 0.00 | — | 0.00 | Feb 6, 2024 | A vulnerability, which was classified as critical, was found in Byzoro Smart S20 Management Platform up to 20231120. This affects an unknown part of the file /sysmanage/sysmanageajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the… | |||
| CVE-2024-1253 | 0.00 | — | 0.00 | Feb 6, 2024 | A vulnerability, which was classified as critical, has been found in Byzoro Smart S40 Management Platform up to 20240126. Affected by this issue is some unknown functionality of the file /useratte/web.php of the component Import Handler. The manipulation of the argument… | |||
| CVE-2024-0716 | 0.00 | — | 0.00 | Jan 19, 2024 | A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to… | |||
| CVE-2024-0712 | 0.00 | — | 0.00 | Jan 19, 2024 | A vulnerability was found in Byzoro Smart S150 Management Platform V31R02B15. It has been classified as critical. Affected is an unknown function of the file /useratte/inc/userattea.php. The manipulation leads to improper access controls. It is possible to launch the attack… | |||
| CVE-2024-0300 | 0.00 | — | 0.01 | Jan 8, 2024 | A vulnerability was found in Byzoro Smart S150 Management Platform up to 20240101. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php of the component HTTP POST Request Handler. The manipulation of the… | |||
| CVE-2023-5959 | 0.00 | — | 0.00 | Nov 11, 2023 | A vulnerability, which was classified as problematic, was found in Byzoro Smart S85F Management Platform V31R02B10-01. Affected is an unknown function of the file /login.php. The manipulation of the argument txt_newpwd leads to weak password recovery. The exploit has been… | |||
| CVE-2023-4739 | 0.00 | — | 0.00 | Sep 3, 2023 | A vulnerability, which was classified as critical, has been found in Byzoro Smart S85F Management Platform up to 20230820. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php. The manipulation of the argument 1_file_upload leads to… | |||
| CVE-2023-4546 | 0.00 | — | 0.00 | Aug 26, 2023 | A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230816. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /sysmanage/licence.php. The manipulation leads to improper access controls. The exploit… | |||
| CVE-2023-4544 | 0.00 | — | 0.00 | Aug 26, 2023 | A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230809. It has been rated as problematic. This issue affects some unknown processing of the file /config/php.ini. The manipulation leads to direct request. The attack may be initiated remotely. The… | |||
| CVE-2023-4414 | 0.00 | — | 0.04 | Aug 18, 2023 | A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230807. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to command injection. The… | |||
| CVE-2023-4121 | 0.00 | — | 0.00 | Aug 3, 2023 | A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230722. It has been classified as critical. Affected is an unknown function. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The… |
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in Byzoro Smart S200 Management Platform up to 20240507. It has been rated as critical. This issue affects some unknown processing of the file /useratte/userattestation.php. The manipulation of the argument web_img leads to unrestricted upload. The…
- risk 0.41cvss 6.3epss 0.00
A vulnerability classified as critical has been found in Byzoro Smart S80 Management Platform up to 20240411. Affected is an unknown function of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. It is possible to launch the attack remotely.…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was found in Byzoro Smart S80 Management Platform up to 20240317. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php. The manipulation of the argument web_img leads to unrestricted upload.…
- CVE-2024-0939Jan 26, 2024risk 0.07cvss —epss 0.88
A vulnerability has been found in Byzoro Smart S210 Management Platform up to 20240117 and classified as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack can…
- CVE-2023-4120Aug 3, 2023risk 0.05cvss —epss 0.63
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230722 and classified as critical. This issue affects some unknown processing of the file importhtml.php. The manipulation of the argument sql leads to command injection. The attack may be initiated…
- CVE-2023-5684Oct 21, 2023risk 0.01cvss —epss 0.09
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231012. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /importexport.php. The manipulation leads to os command injection. The attack can be…
- CVE-2023-5683Oct 21, 2023risk 0.01cvss —epss 0.18
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231010 and classified as critical. This issue affects some unknown processing of the file /sysmanage/importconf.php. The manipulation of the argument btn_file_renew leads to os command injection. The…
- CVE-2024-1918Feb 27, 2024risk 0.00cvss —epss 0.00
A vulnerability has been found in Byzoro Smart S42 Management Platform up to 20240219 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /useratte/userattestation.php. The manipulation of the argument hidwel leads to unrestricted…
- CVE-2024-1254Feb 6, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, was found in Byzoro Smart S20 Management Platform up to 20231120. This affects an unknown part of the file /sysmanage/sysmanageajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the…
- CVE-2024-1253Feb 6, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, has been found in Byzoro Smart S40 Management Platform up to 20240126. Affected by this issue is some unknown functionality of the file /useratte/web.php of the component Import Handler. The manipulation of the argument…
- CVE-2024-0716Jan 19, 2024risk 0.00cvss —epss 0.00
A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to…
- CVE-2024-0712Jan 19, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in Byzoro Smart S150 Management Platform V31R02B15. It has been classified as critical. Affected is an unknown function of the file /useratte/inc/userattea.php. The manipulation leads to improper access controls. It is possible to launch the attack…
- CVE-2024-0300Jan 8, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Byzoro Smart S150 Management Platform up to 20240101. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php of the component HTTP POST Request Handler. The manipulation of the…
- CVE-2023-5959Nov 11, 2023risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, was found in Byzoro Smart S85F Management Platform V31R02B10-01. Affected is an unknown function of the file /login.php. The manipulation of the argument txt_newpwd leads to weak password recovery. The exploit has been…
- CVE-2023-4739Sep 3, 2023risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, has been found in Byzoro Smart S85F Management Platform up to 20230820. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php. The manipulation of the argument 1_file_upload leads to…
- CVE-2023-4546Aug 26, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230816. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /sysmanage/licence.php. The manipulation leads to improper access controls. The exploit…
- CVE-2023-4544Aug 26, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230809. It has been rated as problematic. This issue affects some unknown processing of the file /config/php.ini. The manipulation leads to direct request. The attack may be initiated remotely. The…
- CVE-2023-4414Aug 18, 2023risk 0.00cvss —epss 0.04
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230807. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to command injection. The…
- CVE-2023-4121Aug 3, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230722. It has been classified as critical. Affected is an unknown function. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The…