CVE-2023-4546
Byzoro Smart S85F Management Platform licence.php access control
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230816. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /sysmanage/licence.php. The manipulation leads to improper access controls. The exploit has been disclosed to the public and may be used. The identifier VDB-238057 was assigned to this vulnerability.
In Byzoro Smart S85F Management Platform bis 20230816 wurde eine problematische Schwachstelle ausgemacht. Betroffen ist eine unbekannte Verarbeitung der Datei /sysmanage/licence.php. Mittels Manipulieren mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-08-25 CVE Reserved
- 2023-08-26 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2024-09-01 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-284: Improper Access Control
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
https://vuldb.com/?id.238057 | Technical Description | |
https://vuldb.com/?submit.195836 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
https://github.com/hutianshuai/CVE/blob/main/information_disclosure.md | 2024-08-02 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Byzoro Search vendor "Byzoro" | Smart S85f Management Platform Search vendor "Byzoro" for product "Smart S85f Management Platform" | <= 2023-08-16 Search vendor "Byzoro" for product "Smart S85f Management Platform" and version " <= 2023-08-16" | - |
Affected
|