Amtt
Products
2- 10 CVEs
- 5 CVEs
Recent CVEs
11| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-12253 | Hig | 0.47 | 7.3 | 0.00 | Oct 27, 2025 | A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/get_expiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely.… | ||
| CVE-2025-13123 | Med | 0.41 | 6.3 | 0.00 | Nov 13, 2025 | A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/get_firstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The… | ||
| CVE-2025-14090 | Med | 0.31 | 4.7 | 0.00 | Dec 5, 2025 | A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an unknown part of the file /manager/card/cardmake_down.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The… | ||
| CVE-2016-15048 | 0.00 | — | 0.07 | Oct 22, 2025 | AMTT Hotel Broadband Operation System (HiBOS) contains an unauthenticated command injection vulnerability in the /manager/radius/server_ping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper… | |||
| CVE-2025-3983 | 0.00 | — | 0.17 | Apr 27, 2025 | A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manager/system/nlog_down.php. The manipulation of the argument ProtocolType leads to command injection.… | |||
| CVE-2025-2701 | 0.00 | — | 0.07 | Mar 24, 2025 | A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/port_setup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState… | |||
| CVE-2024-11051 | 0.00 | — | 0.01 | Nov 10, 2024 | A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/online_status.php. The manipulation of the argument AccountID leads to sql injection. It is… | |||
| CVE-2024-11050 | 0.00 | — | 0.00 | Nov 10, 2024 | A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204 and classified as problematic. This issue affects some unknown processing of the file /language.php. The manipulation of the argument LangID/LangName/LangEName leads to cross site scripting.… | |||
| CVE-2024-41476 | 0.00 | — | 0.01 | Aug 9, 2024 | AMTT Hotel Broadband Operation System (HiBOS) V3.0.3.151204 and before is vulnerable to SQL Injection via /manager/card/card_detail.php. | |||
| CVE-2024-39072 | 0.00 | — | 0.00 | Jul 9, 2024 | AMTT Hotel Broadband Operation System (HiBOS) v3.0.3.151204 is vulnerable to SQL injection via manager/conference/calendar_remind.php. | |||
| CVE-2023-6647 | 0.00 | — | 0.01 | Dec 10, 2023 | A vulnerability, which was classified as critical, has been found in AMTT HiBOS 1.0. Affected by this issue is some unknown functionality. The manipulation of the argument Type leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the… |
- risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/get_expiredtime.php. This manipulation of the argument uid causes sql injection. The attack may be initiated remotely.…
- risk 0.41cvss 6.3epss 0.00
A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/get_firstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The…
- risk 0.31cvss 4.7epss 0.00
A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an unknown part of the file /manager/card/cardmake_down.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The…
- CVE-2016-15048Oct 22, 2025risk 0.00cvss —epss 0.07
AMTT Hotel Broadband Operation System (HiBOS) contains an unauthenticated command injection vulnerability in the /manager/radius/server_ping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper…
- CVE-2025-3983Apr 27, 2025risk 0.00cvss —epss 0.17
A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manager/system/nlog_down.php. The manipulation of the argument ProtocolType leads to command injection.…
- CVE-2025-2701Mar 24, 2025risk 0.00cvss —epss 0.07
A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/port_setup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState…
- CVE-2024-11051Nov 10, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/online_status.php. The manipulation of the argument AccountID leads to sql injection. It is…
- CVE-2024-11050Nov 10, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204 and classified as problematic. This issue affects some unknown processing of the file /language.php. The manipulation of the argument LangID/LangName/LangEName leads to cross site scripting.…
- CVE-2024-41476Aug 9, 2024risk 0.00cvss —epss 0.01
AMTT Hotel Broadband Operation System (HiBOS) V3.0.3.151204 and before is vulnerable to SQL Injection via /manager/card/card_detail.php.
- CVE-2024-39072Jul 9, 2024risk 0.00cvss —epss 0.00
AMTT Hotel Broadband Operation System (HiBOS) v3.0.3.151204 is vulnerable to SQL injection via manager/conference/calendar_remind.php.
- CVE-2023-6647Dec 10, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in AMTT HiBOS 1.0. Affected by this issue is some unknown functionality. The manipulation of the argument Type leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the…