14 matches found
CVE-2023-5959
Summary: CVE-2023-5959 affects Byzoro Smart S85F Management Platform v31R02B10-01. The vulnerability is in an unknown function of /login.php where manipulating the txt_newpwd parameter leads to weak password recovery. Public disclosure is noted. The issue is described as a technical weakness rath...
CVE-2023-5684 Byzoro Smart S85F Management Platform importexport.php os command injection
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231012. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /importexport.php. The manipulation leads to os command injection. The attack can be launched remotely. The...
CVE-2023-5684 Byzoro Smart S85F Management Platform importexport.php os command injection
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231012. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /importexport.php. The manipulation leads to os command injection. The attack can be launched remotely. The...
CVE-2023-5683
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231010 and classified as critical. This issue affects some unknown processing of the file /sysmanage/importconf.php. The manipulation of the argument btnfilerenew leads to os command injection. The attack may be initiated...
PT-2023-32260 · Beijing Baichuo +1 · Beijing Baichuo Smart S85F Management Platform +1
Name of the Vulnerable Software and Affected Versions: Byzoro Smart S85F Management Platform versions up to 20231012 Beijing Baichuo Smart S85F Management Platform versions up to 20231012 Description: A critical issue has been found, affecting an unknown functionality of the file /importexport.ph...
CVE-2023-4739 Byzoro Smart S85F Management Platform updateos.php unrestricted upload
A vulnerability, which was classified as critical, has been found in Byzoro Smart S85F Management Platform up to 20230820. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php. The manipulation of the argument 1fileupload leads to unrestricted upload. The attac...
CVE-2023-4544 Byzoro Smart S85F Management Platform php.ini direct request
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230809. It has been rated as problematic. This issue affects some unknown processing of the file /config/php.ini. The manipulation leads to direct request. The attack may be initiated remotely. The exploit has been disclos...
CVE-2023-4544
CVE-2023-4544 affects Beijing Baichuo/Beijing Baichuo Smart S85F Management Platform (and variants named Byzoro/Beizuo in sources) up to version 20230809. The root cause is improper handling of the file /config/php.ini, enabling a direct request that can be triggered remotely. Public disclosure o...
CVE-2023-4414
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230807. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to command injection. The attack can be...
Command injection
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to command injection. The attack can...
CVE-2023-4414 Byzoro Smart S85F Management Platform decodmail.php command injection
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230807. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to command injection. The attack can be...
CVE-2023-4120 Byzoro Smart S85F Management Platform importhtml.php command injection
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230722 and classified as critical. This issue affects some unknown processing of the file importhtml.php. The manipulation of the argument sql leads to command injection. The attack may be initiated remotely. The exploit h...
CVE-2023-4120 Byzoro Smart S85F Management Platform importhtml.php command injection
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230722 and classified as critical. This issue affects some unknown processing of the file importhtml.php. The manipulation of the argument sql leads to command injection. The attack may be initiated remotely. The exploit h...
CVE-2023-4120
CVE-2023-4120 affects Byzoro Smart S85F Management Platform (versions up to 20230722). The vulnerability is in the processing of the file importhtml.php where manipulation of the sql argument leads to remote command injection. Exploitation is possible remotely and has been publicly disclosed per ...