CVE-2024-0712

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 19, 2024

Updated: May 17, 2024

CWE ID 284

Summary

CVE-2024-0712 is a newly disclosed critical vulnerability affecting Byzoro Smart S150 Management Platform V31R02B15. An unknown function within the file /useratte/inc/userattea.php contains improper access controls, allowing for unauthorized access. This vulnerability can be exploited remotely, making it a significant security risk. The exploit has been made public, increasing the potential for malicious actors to take advantage of it. VDB-251538 is the identifier assigned to this vulnerability, and unfortunately, the vendor has not responded to disclosure efforts.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uM8d9t
https://www.cve.org/CVERecord?id=CVE-2024-0712
https://nvd.nist.gov/vuln/detail/CVE-2024-0712

Back to Vulnerability Database

CVE-2024-0712

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations