First published: Sun Sep 10 2023(Updated: )
A vulnerability, which was classified as critical, was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230906. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-239358 is the identifier assigned to this vulnerability.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Byzoro Smart S45f Firmware | <=20230906 | |
Byzoro Smart S45F | ||
All of | ||
<=20230906 | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-4873 is critical.
The affected software in CVE-2023-4873 is Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to version 20230906.
The vulnerability type in CVE-2023-4873 is os command injection.
To fix CVE-2023-4873, it is recommended to update the Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform to a version beyond 20230906.
You can find more information about CVE-2023-4873 at the following references: [link1](https://github.com/cugerQDHJ/cve/blob/main/rce.md), [link2](https://vuldb.com/?ctiid.239358), [link3](https://vuldb.com/?id.239358).