First published: Tue Oct 10 2023(Updated: )
A vulnerability, which was classified as critical, was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. Affected is an unknown function of the file /sysmanage/licence.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241644. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Byzoro Smart S45f Firmware | <=20230928 | |
Byzoro Smart S45F | ||
All of | ||
<=20230928 | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-5492 is high.
The affected software of CVE-2023-5492 is Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928.
You can find more information about CVE-2023-5492 at the following references: [GitHub](https://github.com/llixixi/cve/blob/main/s45_upload_licence.md), [VulDB](https://vuldb.com/?ctiid.241644), [VulDB](https://vuldb.com/?id.241644).