What is the severity of CVE-2023-5489?

The severity of CVE-2023-5489 is classified as high with a severity value of 8.8.

What software is affected by CVE-2023-5489?

The Byzoro Smart S45f Firmware up to version 20230928 is affected by CVE-2023-5489.

How does CVE-2023-5489 impact the affected software?

CVE-2023-5489 allows for unrestricted file upload manipulation, which can lead to unauthorized access and potential exploits in the Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform.

Are there any known fixes or patches for CVE-2023-5489?

Currently, there is no known fix or patch available for CVE-2023-5489. It is recommended to update to a secure version of the Byzoro Smart S45f Firmware once a fix is released.

What is the Common Weakness Enumeration (CWE) ID associated with CVE-2023-5489?

The Common Weakness Enumeration (CWE) ID associated with CVE-2023-5489 is CWE-434.

Vulnerability/
CVE-2023-5489

high

8.8

CWE

434

10/10/2023

29/8/2024

CVE-2023-5489: Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform uploadfile.php unrestricted upload

First published: Tue Oct 10 2023(Updated: )

A vulnerability classified as critical has been found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This affects an unknown part of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-241641 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Credit: cna@vuldb.com cna@vuldb.com

Affected Software	Affected Version	How to fix
Byzoro Smart S45f Firmware	<=20230928
Byzoro Smart S45F
All of
	<=20230928

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-5489?
The severity of CVE-2023-5489 is classified as high with a severity value of 8.8.
What software is affected by CVE-2023-5489?
The Byzoro Smart S45f Firmware up to version 20230928 is affected by CVE-2023-5489.
How does CVE-2023-5489 impact the affected software?
CVE-2023-5489 allows for unrestricted file upload manipulation, which can lead to unauthorized access and potential exploits in the Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform.
Are there any known fixes or patches for CVE-2023-5489?
Currently, there is no known fix or patch available for CVE-2023-5489. It is recommended to update to a secure version of the Byzoro Smart S45f Firmware once a fix is released.
What is the Common Weakness Enumeration (CWE) ID associated with CVE-2023-5489?
The Common Weakness Enumeration (CWE) ID associated with CVE-2023-5489 is CWE-434.

agent/author
agent/type
agent/weakness
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/title
agent/first-publish-date
agent/event
agent/description
collector/nvd-index
agent/software-canonical-lookup-request
agent/tags
agent/softwarecombine
agent/last-modified-date
collector/nvd-api
source/NVD
vendor/byzoro
canonical/byzoro smart s45f firmware
version/byzoro smart s45f firmware/20230928
canonical/byzoro smart s45f

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.