CVE-2025-3983

Name of the Vulnerable Software and Affected Versions AMTT Hotel Broadband Operation System version 1.0

Description A critical issue has been found in the system, affecting an unknown functionality of the file /manager/system/nlog down.php. The manipulation of the ProtocolType argument leads to command injection. This issue can be exploited remotely. Other parameters might also be affected.

Recommendations For AMTT Hotel Broadband Operation System version 1.0, as a temporary workaround, consider restricting access to the /manager/system/nlog down.php file until a patch is available. Avoid using the ProtocolType argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.