[{"vendor":"byzoro","product":"smart_s80","defaultStatus":"unknown","cpes":["cpe:2.3:a:byzoro:smart_s80:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"20240328","versionType":"custom","status":"affected"}]}]

{"timestamp":"2024-04-05T19:10:01.116595Z","id":"CVE-2024-3346","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}

[{"vendor":"Byzoro","product":"Smart S80","versions":[{"version":"20240328","status":"affected"}]}]

https://github.com/Yu1e/vuls/blob/main/Byzro%20Networks%20Smart%20S80%20management%20platform%20has%20rce%20vulnerability.md

https://vuldb.com/?ctiid.259450

https://vuldb.com/?id.259450

https://vuldb.com/?submit.306277

A vulnerability was found in Byzro Smart S80 up to 20240328. It has been declared as critical. This vulnerability affects unknown code of the file /log/webmailattach.php. The manipulation of the argument mail_file_path leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259450 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Byzoro Smart S80 up to 20240328. It has been declared as critical. This vulnerability affects unknown code of the file /log/webmailattach.php. The manipulation of the argument mail_file_path leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259450 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Byzro Smart S80 up to 20240328. It has been declared as critical. This vulnerability affects unknown code of the file /log/webmailattach.php. The manipulation of the argument mail_file_path leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259450 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

VulDB AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

VulDB (AV:N/AC:L/Au:S/C:P/I:P/A:P)

VulDB CWE-78

VulDB https://github.com/Yu1e/vuls/blob/main/Byzro%20Networks%20Smart%20S80%20management%20platform%20has%20rce%20vulnerability.md [No types assigned]

VulDB https://vuldb.com/?ctiid.259450 [No types assigned]

VulDB https://vuldb.com/?id.259450 [No types assigned]

VulDB https://vuldb.com/?submit.306277 [No types assigned]