3 matches found
CVE-2024-38465
Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...
PT-2024-28021 · Shenzhen Guoxin · Shenzhen Guoxin Synthesis Image System
Name of the Vulnerable Software and Affected Versions: Shenzhen Guoxin Synthesis image system versions prior to 8.3.0 Description: The issue allows unauthorized user information retrieval. This is achieved via the "queryUser API" endpoint. Recommendations: For versions prior to 8.3.0, update to...
Shenzhen Guoxin Synthesis image system security vulnerability
Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in Shenzhen Guoxin Synthesis image system versions prior to 8.3.0, which stems from a default password of 123456Qw...