CVE-2024-38467 | Shenzhen Guoxin Synthesis Image System up to 8.2.x API queryUser improper authorization

Inserito da Angelo Barbosa | Giu 16, 2024 | CVE

A vulnerability was found in Shenzhen Guoxin Synthesis Image System up to 8.2.x and classified as problematic. This issue affects the function queryUser of the component API. The manipulation leads to improper authorization.

The identification of this vulnerability is CVE-2024-38467. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38467 | Shenzhen Guoxin Synthesis Image System up to 8.2.x API queryUser improper authorization

Post correlati

CVE-2024-4815 | Ruijie RG-UAC up to 20240506 detail.php filename os command injection

CVE-2024-3469 | GP Premium Plugin up to 2.4.0 on WordPress cross site scripting

CVE-2024-7651 | App Builder Plugin up to 4.2.6 on WordPress sql injection

CVE-2023-49795 | MindsDB up to 23.11.4.0 file.py server-side request forgery (GHSA-34mr-6q8x-g9r6)