GCVE - cpe:2.3:a:byzoro:smart_s80:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:byzoro:smart_s80:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Byzoro (`c0149b13-575d-5f46-8433-80a5a52dd1d3`)
Product	Smart S80 (`f8da3dee-ecac-51e5-a3ac-23dfed70f86a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-3521`	vulnerable	2026-06-03 14:56:24.617428	Byzoro Smart S80 Management Platform userattestation.php unrestricted upload MEDIUM (4.7) A vulnerability was found in Byzoro Smart S80 Management Platform up to 20240317. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php. The manipulation of the argument web_img leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259892. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: 2024-04-09T22:31:04.562Z Updated: 2024-08-01T20:12:07.743Z Open on db.gcve.eu Reference links https://vuldb.com/?id.259892 https://vuldb.com/?ctiid.259892 https://vuldb.com/?submit.308509 https://github.com/garboa/cve_3/blob/main/Upload2.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-3346`	vulnerable	2026-06-03 14:56:24.088096	Byzoro Smart S80 webmailattach.php os command injection MEDIUM (6.3) A vulnerability was found in Byzoro Smart S80 up to 20240328. It has been declared as critical. This vulnerability affects unknown code of the file /log/webmailattach.php. The manipulation of the argument mail_file_path leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259450 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: 2024-04-05T15:31:04.133Z Updated: 2024-08-01T20:05:08.498Z Open on db.gcve.eu Reference links https://vuldb.com/?id.259450 https://vuldb.com/?ctiid.259450 https://vuldb.com/?submit.306277 https://github.com/Yu1e/vuls/blob/main/Byzro%20Networks%20Smart%20S80%20management%20platform%20has%20rce%20vulnerability.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-6274`	vulnerable	2026-06-03 14:53:51.360346	Byzoro Smart S80 PHP File updatelib.php unrestricted upload MEDIUM (6.3) A vulnerability was found in Byzoro Smart S80 up to 20231108. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /sysmanage/updatelib.php of the component PHP File Handler. The manipulation of the argument file_upload leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246103. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: 2023-11-24T14:00:04.902Z Updated: 2024-08-02T08:28:20.357Z Open on db.gcve.eu Reference links https://vuldb.com/?id.246103 https://vuldb.com/?ctiid.246103 https://vuldb.com/?submit.234888 https://github.com/Carol7S/cve/blob/main/rce.md	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.