CVE-2024-4904 | Byzoro Smart S200 Management Platform userattestation.php web_img unrestricted upload

Inserito da Angelo Barbosa | Mag 15, 2024 | CVE

A vulnerability was found in Byzoro Smart S200 Management Platform. It has been rated as critical. This issue affects some unknown processing of the file /useratte/userattestation.php. The manipulation of the argument web_img leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-4904. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-4904 | Byzoro Smart S200 Management Platform userattestation.php web_img unrestricted upload

Post correlati

CVE-2024-33929 | wpWax Directorist Plugin up to 7.8.6 on WordPress authorization

CVE-2024-7066 | F-logic DataCube3 1.0 HTTP POST Request config_time_sync.php ntp_server os command injection

CVE-2024-4349 | SourceCodester Pisay Online E-Learning System 1.0 /lesson/controller.php file unrestricted upload

CVE-2024-35691 | Marketing Fire Widget Options Plugin up to 5.1.0 on WordPress information disclosure