CVE-2024-38467 | Shenzhen Guoxin Synthesis Image System up to 8.2.x API queryUser improper authorization

Inserito da Angelo Barbosa | Giu 16, 2024 | CVE

A vulnerability was found in Shenzhen Guoxin Synthesis Image System up to 8.2.x and classified as problematic. This issue affects the function queryUser of the component API. The manipulation leads to improper authorization.

The identification of this vulnerability is CVE-2024-38467. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38467 | Shenzhen Guoxin Synthesis Image System up to 8.2.x API queryUser improper authorization

Post correlati

CVE-2023-6962 | WP Meta SEO Plugin up to 4.5.12 on WordPress Meta Description information disclosure

CVE-2023-50249 | Sentry Astro prior 7.87.0 redos

CVE-2023-48202 | Sunlight CMS 8.0.1 File Manager cross site scripting

CVE-2024-41687 | SyroTech SY-GPON-1110-WDONT 3.1.02-231102 HTTP Session cleartext transmission (CIVN-2024-0225)