17 matches found
CVE-2024-38467
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...
CVE-2024-38465
Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...
CVE-2024-38466
Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password...
CVE-2024-38467
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...
CVE-2024-38468
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API...
CVE-2024-38466
The CVE-2024-38466 issue affects Shenzhen Guoxin Synthesis image system up to version 8.3.0, where a default credential 123456Qw is present. Multiple connected sources confirm the vulnerability stems from a hard-coded/default password, enabling unauthorized access if standard credentials are not ...
Shenzhen Guoxin Synthesis Image System Security Vulnerability
Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in Shenzhen Guoxin Synthesis Image System versions prior to 8.3.0 that originates from allowing unauthorized user information to be retriev...
PT-2024-28021 · Shenzhen Guoxin · Shenzhen Guoxin Synthesis Image System
Name of the Vulnerable Software and Affected Versions: Shenzhen Guoxin Synthesis image system versions prior to 8.3.0 Description: The issue allows unauthorized user information retrieval. This is achieved via the "queryUser API" endpoint. Recommendations: For versions prior to 8.3.0, update to...
CVE-2024-38465
Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...
CVE-2024-38468
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API...
CVE-2024-38467
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...
CVE-2024-38467
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...
Shenzhen Guoxin Synthesis image system security vulnerability
Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in Shenzhen Guoxin Synthesis image system versions prior to 8.3.0, which stems from a default password of 123456Qw...
CVE-2024-38466
Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password...
Shenzhen Guoxin Synthesis image system security vulnerability
Shenzhen Guoxin Synthesis image system is an image system from Shenzhen Guoxin Synthesis, a company based in Shenzhen, China. A security vulnerability exists in the Shenzhen Guoxin Synthesis image system, version prior to 8.3.0, which stems from a discrepancy in the error response that allows...
CVE-2024-38468
CVE-2024-38468 affects Shenzhen Guoxin Synthesis Image System prior to version 8.3.0. The vulnerability allows unauthorized password resets via the resetPassword API, exposing high-severity impact (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Affected component is the image system’s resetPass...
CVE-2024-38465
The CVE-2024-38465 affects Shenzhen Guoxin Synthesis image system prior to version 8.3.0. The vulnerability arises from a response discrepancy between incorrect and error responses, enabling username enumeration. Affected component is the image system software; root cause is inconsistent error ha...