CVE-2024-38468 | Shenzhen Guoxin Synthesis Image System up to 8.2.x API resetPassword password recovery

Inserito da Angelo Barbosa | Giu 16, 2024 | CVE

A vulnerability was found in Shenzhen Guoxin Synthesis Image System up to 8.2.x. It has been classified as problematic. Affected is the function resetPassword of the component API. The manipulation leads to weak password recovery.

This vulnerability is traded as CVE-2024-38468. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38468 | Shenzhen Guoxin Synthesis Image System up to 8.2.x API resetPassword password recovery

Post correlati

CVE-2015-10132 | Thimo Grauerholz WP-Spreadplugin up to 3.8.6.1 on WordPress spreadplugin.php cross site scripting

CVE-2024-3252 | SourceCodester Internship Portal Management System 1.0 admin/check_admin.php username/password sql injection

CVE-2024-25674 | MISP up to 2.4.183 Organisation Logo Upload unrestricted upload

CVE-2024-2741 | Planet IGS-4215-16T2S 1.305b210528 Switch Web Interface cross-site request forgery