First published: Tue Oct 10 2023(Updated: )
A vulnerability, which was classified as critical, has been found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This issue affects some unknown processing of the file /sysmanage/updatelib.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241643. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Byzoro Smart S45f Firmware | <=20230928 | |
Byzoro Smart S45F | ||
All of | ||
<=20230928 | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-5491 is a critical vulnerability found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928.
The severity of CVE-2023-5491 is high, with a severity value of 8.8.
The affected software of CVE-2023-5491 is the Byzoro Smart S45f Firmware up to version 20230928.
The CWE of CVE-2023-5491 is CWE-434.
Yes, you can find references for CVE-2023-5491 at the following links: [GitHub](https://github.com/llixixi/cve/blob/main/s45_upload_changelogo.md), [VulDB](https://vuldb.com/?ctiid.241643), [VulDB](https://vuldb.com/?id.241643).