CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4546 – Byzoro Smart S85F Management Platform licence.php access control
https://notcve.org/view.php?id=CVE-2023-4546
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230816. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /sysmanage/licence.php. The manipulation leads to improper access controls. The exploit has been disclosed to the public and may be used. • https://github.com/hutianshuai/CVE/blob/main/information_disclosure.md https://vuldb.com/?ctiid.238057 https://vuldb.com/?id.238057 https://vuldb.com/?submit.195836 • CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4544 – Byzoro Smart S85F Management Platform php.ini direct request
https://notcve.org/view.php?id=CVE-2023-4544
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230809. It has been rated as problematic. This issue affects some unknown processing of the file /config/php.ini. The manipulation leads to direct request. The attack may be initiated remotely. • https://github.com/jo1995hn/cve/blob/main/s856.md https://vuldb.com/?ctiid.238049 https://vuldb.com/?id.238049 https://vuldb.com/?submit.193047 • CWE-425: Direct Request ('Forced Browsing') •