PT-2024-39692 · Sovell · Sovell Smart Canteen System

Qieziwa · Published 2024-10-06 · Updated 2024-10-07 · CVE-2024-9554

CVSS v2.0

2.6 (Low)

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Sovell Smart Canteen System versions up to 3.0.7303.30513

Description

A vulnerability was found in the Sovell Smart Canteen System, affecting the function Check ET CheckPwdz201 of the file suanfa.py, which is part of the Password Reset Handler component. This issue leads to authorization bypass and can be exploited remotely, although the complexity of the attack is considered high and the exploitation appears to be difficult.

Recommendations

For versions up to 3.0.7303.30513, as a temporary workaround, consider disabling the Check ET CheckPwdz201 function until a patch is available. Restrict access to the Password Reset Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

IDOR

Weakness Enumeration

Related Identifiers

CVE-2024-9554

Affected Products

Sovell Smart Canteen System