CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-5494 – Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform download.php os command injection
https://notcve.org/view.php?id=CVE-2023-5494
A vulnerability was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928 and classified as critical. Affected by this issue is some unknown functionality of the file /log/download.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/7332all/cve/blob/main/rce_1.md https://vuldb.com/?ctiid.241646 https://vuldb.com/?id.241646 https://vuldb.com/?submit.215382 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-5493 – Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform web.php unrestricted upload
https://notcve.org/view.php?id=CVE-2023-5493
A vulnerability has been found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /useratte/web.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/llixixi/cve/blob/main/s45_upload_web.md https://vuldb.com/?ctiid.241645 https://vuldb.com/?id.241645 https://vuldb.com/?submit.213951 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-5492 – Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform licence.php unrestricted upload
https://notcve.org/view.php?id=CVE-2023-5492
A vulnerability, which was classified as critical, was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. Affected is an unknown function of the file /sysmanage/licence.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/llixixi/cve/blob/main/s45_upload_licence.md https://vuldb.com/?ctiid.241644 https://vuldb.com/?id.241644 https://vuldb.com/?submit.213949 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-5491 – Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform updatelib.php unrestricted upload
https://notcve.org/view.php?id=CVE-2023-5491
A vulnerability, which was classified as critical, has been found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This issue affects some unknown processing of the file /sysmanage/updatelib.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/llixixi/cve/blob/main/s45_upload_changelogo.md https://vuldb.com/?ctiid.241643 https://vuldb.com/?id.241643 https://vuldb.com/?submit.213948 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-5490 – Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform userattestation.php unrestricted upload
https://notcve.org/view.php?id=CVE-2023-5490
A vulnerability classified as critical was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This vulnerability affects unknown code of the file /useratte/userattestation.php. The manipulation of the argument web_img leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/llixixi/cve/blob/main/s45_upload_%20userattestation.md https://vuldb.com/?ctiid.241642 https://vuldb.com/?id.241642 https://vuldb.com/?submit.213947 • CWE-434: Unrestricted Upload of File with Dangerous Type •