Hotel Broadband Operation System
Approved changes feed: RSS · Atom
cpe:2.3:a:amtt:hotel_broadband_operation_system:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Amtt (d4081163-6c51-5571-a155-aeb7a640abfe) |
|---|---|
| Product | Hotel Broadband Operation System (85d55c5b-2d60-5515-a6f3-c4ffe2b4b755) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-7697 |
vulnerable | 2026-06-08 08:08:57.585443 |
AMTT Hotel Broadband Operation System cardhand_submit.php sql injection
MEDIUM (4.7)
A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand_submit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-03T13:15:10.392Z
Updated: 2026-05-04T17:50:43.559Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3983 |
vulnerable | 2026-06-08 07:23:10.262388 |
AMTT Hotel Broadband Operation System nlog_down.php command injection
MEDIUM (4.7)
A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manager/system/nlog_down.php. The manipulation of the argument ProtocolType leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-04-27T19:31:03.781Z
Updated: 2025-05-02T04:37:09.714Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2701 |
vulnerable | 2026-06-08 07:16:58.091095 |
AMTT Hotel Broadband Operation System port_setup.php popen os command injection
MEDIUM (6.3)
A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/port_setup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-03-24T09:00:06.117Z
Updated: 2025-03-24T12:04:44.527Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-14090 |
vulnerable | 2026-06-08 07:06:33.571046 |
AMTT Hotel Broadband Operation System cardmake_down.php sql injection
MEDIUM (4.7)
A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an unknown part of the file /manager/card/cardmake_down.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-12-05T15:32:08.538Z
Updated: 2025-12-05T16:47:33.595Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-13123 |
vulnerable | 2026-06-08 07:04:31.655057 |
AMTT Hotel Broadband Operation System get_firstdate.php sql injection
MEDIUM (6.3)
A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/get_firstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-11-13T19:02:06.768Z
Updated: 2025-11-13T19:36:38.742Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12253 |
vulnerable | 2026-06-08 07:04:29.940790 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11051 |
vulnerable | 2026-06-08 06:23:48.587409 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11050 |
vulnerable | 2026-06-08 06:23:48.584387 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.