CVE-2023-4745

Name of the Vulnerable Software and Affected Versions Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform versions up to 20230822

Description A critical issue affects some unknown functionality of the file /importexport.php, leading to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For versions up to 20230822, as a temporary workaround, consider restricting access to the /importexport.php file until a patch is available. Avoid using the file /importexport.php in a way that could lead to sql injection until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.