Vulnerabilities (CVE)

Filtered by vendor Guoxinled Subscribe
Filtered by product Synthesis Image System
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-38468 1 Guoxinled 1 Synthesis Image System 2024-11-21 N/A 9.8 CRITICAL
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API.
CVE-2024-38466 1 Guoxinled 1 Synthesis Image System 2024-11-21 N/A 9.8 CRITICAL
Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password.
CVE-2024-38465 1 Guoxinled 1 Synthesis Image System 2024-11-21 N/A 5.3 MEDIUM
Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error.