First published: Thu Aug 03 2023(Updated: )
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230722 and classified as critical. This issue affects some unknown processing of the file importhtml.php. The manipulation of the argument sql leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235967. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Byzoro Smart S85F | <=20230722 | |
<=20230722 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-4120 is critical.
Beijing Baichuo Smart S85F Management Platform up to version 20230722 is affected by CVE-2023-4120.
CVE-2023-4120 allows for command injection in the importhtml.php file, potentially leading to remote code execution.
Yes, CVE-2023-4120 can be exploited remotely.
To fix CVE-2023-4120, it is recommended to apply the latest security update or patch provided by Beijing Baichuo Smart S85F Management Platform.