PT-2024-15776 · Byzoro · Byzoro Smart S150 Management Platform

Rollingchair · Published 2024-01-19 · Updated 2024-10-21 · CVE-2024-0716

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Byzoro Smart S150 Management Platform version V31R02B15

Description

A vulnerability has been found in the Byzoro Smart S150 Management Platform, affecting an unknown part of the file /log/download.php of the component Backup File Handler. It leads to information disclosure and can be initiated remotely. The complexity of an attack is rather high, and exploitation is said to be difficult. The exploit has been disclosed to the public and may be used.

Recommendations

For version V31R02B15, as a temporary workaround, consider restricting access to the /log/download.php file until a patch is available. Additionally, restrict the use of the Backup File Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
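
One way to check that the workaround is holding, as an added example that is not part of the advisory or the vendor's code: audit a web access log for requests to /log/download.php from outside an allowed management subnet. The combined log format, the subnet, the query string and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import posixpath
import re
from urllib.parse import unquote

# Assumption: the access log uses the common "combined" layout.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')
WATCHED_PATH = "/log/download.php"                      # path named in the advisory
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]   # constructed admin subnet

# Constructed sample lines (documentation address ranges, placeholder query).
SAMPLE = [
    '10.20.0.5 - - [19/Jan/2024:10:00:01 +0000] "GET /log/download.php?x=1 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [19/Jan/2024:10:02:13 +0000] "GET /log/download.php?x=1 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [19/Jan/2024:10:02:20 +0000] "GET /log//./Download.php HTTP/1.1" 403 153',
    '198.51.100.9 - - [19/Jan/2024:10:05:00 +0000] "GET /index.php HTTP/1.1" 200 900',
]


def normalize(target):
    """Drop the query, decode, and collapse the path so variants compare equal."""
    path = unquote(target.split("?", 1)[0])
    path = posixpath.normpath(re.sub(r"/+", "/", path))
    return path.lower()  # deliberately over-inclusive on case


def audit(lines):
    """Return (timestamp, ip, status, verdict) for hits from outside ALLOWED_NETS."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or normalize(m["target"]) != WATCHED_PATH:
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            ip = None  # not an IP literal: report it rather than skip it
        if ip is not None and any(ip in net for net in ALLOWED_NETS):
            continue
        # A 2xx answer means the restriction did not apply to this client.
        verdict = "SERVED" if m["status"].startswith("2") else "blocked"
        findings.append((m["ts"], m["ip"], int(m["status"]), verdict))
    return findings


if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Any `SERVED` finding means the file was delivered to a client outside the allowed subnet and the access restriction needs to be revisited.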

Exploit

Information Disclosure

Insertion into Log File

Weakness Enumeration

Related Identifiers

CVE-2024-0716

Affected Products

Byzoro Smart S150 Management Platform