CVE-2024-9554 | Sovell Smart Canteen System up to 3.0.7303.30513 Password Reset suanfa.py Check_ET_CheckPwdz201 authorization

Posted by Angelo Barbosa | Oct 5, 2024 | CVE

A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303.30513. Affected by this vulnerability is the function Check_ET_CheckPwdz201 of the file suanfa.py of the component Password Reset Handler. The manipulation leads to authorization bypass.

This vulnerability is known as CVE-2024-9554. The attack can be launched remotely. There is no exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-9554 | Sovell Smart Canteen System up to 3.0.7303.30513 Password Reset suanfa.py Check_ET_CheckPwdz201 authorization

Related Posts

CVE-2024-2702 | Olive Themes Olive One Click Demo Import Plugin up to 1.1.1 on WordPress cross site scripting

CVE-2024-22105 | Mitsubishi Electric CPU Module Logging Configuration Tool resource consumption (icsa-24-135-04)

CVE-2024-36480 | Ricoh Streamline NX PC Client up to 3.7.2 hard-coded credentials (ricoh-2024-000005)

CVE-2024-31069 | IOSiX IO-1020 Micro ELD prior 360 Web Server default credentials (icsa-24-093-01)