First published: Tue Oct 10 2023(Updated: )
A vulnerability was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. It has been rated as critical. Affected by this issue is some unknown functionality of the file /sysmanage/updatelib.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241640. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Byzoro Smart S45f Firmware | <=20230928 | |
Byzoro Smart S45F | ||
All of | ||
<=20230928 | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-5488 is high, with a severity value of 8.8.
The affected software of CVE-2023-5488 is Byzoro Smart S45f Firmware up to version 20230928.
CVE-2023-5488 is a critical vulnerability found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928, affecting the file /sysmanage/updatelib.php.
A fix for CVE-2023-5488 has not been provided at this time. It is recommended to contact the vendor for a patch or mitigation.
The CWE number for CVE-2023-5488 is 434.