CVE-2023-5959

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 11, 2023

Updated: May 17, 2024

CWE ID 640

Summary

CVE-2023-5959: A vulnerability has been identified in Byzoro Smart S85F Management Platform V31R02B10-01. This issue lies within an unknown function of the /login.php file, which can be exploited through weak password recovery by manipulating the txt_newpwd argument. The exploit for this vulnerability (VDB-244992) has been made public, posing a significant risk. Despite early disclosure, the vendor has yet to respond.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r2HbQl
https://www.cve.org/CVERecord?id=CVE-2023-5959
https://nvd.nist.gov/vuln/detail/CVE-2023-5959

Back to Vulnerability Database

CVE-2023-5959

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations