Approved changes feed: RSS · Atom

cpe:2.3:a:amtt:hotel_broadband_operation_system:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAmtt (d4081163-6c51-5571-a155-aeb7a640abfe)
ProductHotel Broadband Operation System (85d55c5b-2d60-5515-a6f3-c4ffe2b4b755)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-7697 vulnerable 2026-06-08 08:08:57.585443 AMTT Hotel Broadband Operation System cardhand_submit.php sql injection
MEDIUM (4.7)
A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand_submit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-03T13:15:10.392Z
Updated: 2026-05-04T17:50:43.559Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-3983 vulnerable 2026-06-08 07:23:10.262388 AMTT Hotel Broadband Operation System nlog_down.php command injection
MEDIUM (4.7)
A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manager/system/nlog_down.php. The manipulation of the argument ProtocolType leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-04-27T19:31:03.781Z
Updated: 2025-05-02T04:37:09.714Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-2701 vulnerable 2026-06-08 07:16:58.091095 AMTT Hotel Broadband Operation System port_setup.php popen os command injection
MEDIUM (6.3)
A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/port_setup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-03-24T09:00:06.117Z
Updated: 2025-03-24T12:04:44.527Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-14090 vulnerable 2026-06-08 07:06:33.571046 AMTT Hotel Broadband Operation System cardmake_down.php sql injection
MEDIUM (4.7)
A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an unknown part of the file /manager/card/cardmake_down.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-12-05T15:32:08.538Z
Updated: 2025-12-05T16:47:33.595Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-13123 vulnerable 2026-06-08 07:04:31.655057 AMTT Hotel Broadband Operation System get_firstdate.php sql injection
MEDIUM (6.3)
A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/get_firstdate.php. Executing manipulation of the argument uid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-11-13T19:02:06.768Z
Updated: 2025-11-13T19:36:38.742Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-12253 vulnerable 2026-06-08 07:04:29.940790 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-11051 vulnerable 2026-06-08 06:23:48.587409 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-11050 vulnerable 2026-06-08 06:23:48.584387 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.