PT-2024-21415 · Hangzhou Xiongwei Technology Development Co. · Restaurant Digital Comprehensive Management Platform

Published

2024-07-26

Updated

2024-08-01

CVE-2024-26520

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive Management platform version v1

Description The issue allows an attacker to bypass authentication and perform arbitrary password resets.

Recommendations For Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive Management platform version v1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-620

Related Identifiers

CVE-2024-26520

Affected Products

Restaurant Digital Comprehensive Management Platform

CVE-2024-26520

Weakness Enumeration

Related Identifiers

Affected Products

References · 6