Sanbao

#9357of 53,630
29.4Total CVSS
Vulnerabilities · 3
Critical
3
PT-2024-38686
9.8
2024-08-18
Anhui Deshun Intelligent Technology · Jielink+ Jsotc2016 · CVE-2024-7919
**Name of the Vulnerable Software and Affected Versions** Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 **Description** A critical issue has been found in the processing of the file /report/ParkChargeRecord/GetDataList, leading to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805, patch immediately and review access permissions to mitigate the risk of remote exploitation. As a temporary workaround, consider restricting access to the /report/ParkChargeRecord/GetDataList file until a patch is available.
PT-2024-38687
9.8
2024-08-18
Anhui Deshun Intelligent Technology · Jielink+ · CVE-2024-7920
**Name of the Vulnerable Software and Affected Versions** Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 **Description** A vulnerability was found in the file /Report/ParkCommon/GetParkInThroughDeivces, affecting an unknown function. This leads to improper access controls, allowing remote attacks. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider restricting access to the file /Report/ParkCommon/GetParkInThroughDeivces until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-38688
9.8
2024-08-18
Anhui Deshun Intelligent Technology · Jielink+ Jsotc2016 · CVE-2024-7921
**Name of the Vulnerable Software and Affected Versions** Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 **Description** A vulnerability has been found in the software, classified as problematic, and affects an unknown functionality of the file /report/ParkOutRecord/GetDataList. The manipulation leads to improper access controls. The attack can be launched remotely. **Recommendations** For Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805, as a temporary workaround, consider restricting access to the /report/ParkOutRecord/GetDataList file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.