CVE-2024-0939 — AI Deep Analysis Summary

🚨 **Essence**: Unrestricted file upload in Byzoro Smart S210 Management Platform.…

🛡️ **Root Cause**: **CWE-434** (Unrestricted Upload of File with Dangerous Type).…

🏢 **Affected Vendor**: Beijing Baichuo (Byzoro). 📦 **Product**: Smart S210 Management Platform (Multi-service security gateway). 📅 **Versions**: Up to version **20240117** and earlier.

🕵️ **Attacker Actions**: Upload arbitrary files (PHP, ASP, etc.). 📂 **Impact**: Gain unauthorized access to server files.…

🔑 **Auth Required**: **Yes**. CVSS vector `PR:L` (Privileges Required: Low). 🌐 **Network**: `AV:N` (Network exploitable).…

🔓 **Public Exploit**: **Yes**. PoC available via Nuclei templates (`CVE-2024-0939.yaml`) and GitHub repos. 🚀 **Ease**: Automated scanning tools can detect and exploit this easily.

🔍 **Self-Check**: Scan for the endpoint `/Tool/uploadfile.php`. 🧪 **Test**: Attempt to upload a test file with a dangerous extension (e.g., `.php`).…

🛠️ **Official Fix**: Update to a version **newer than 20240117**. 📢 **Action**: Contact Byzoro support for the latest patch. Check vendor advisories for specific fixed build numbers.

🚧 **No Patch?**: 1. **Restrict Access**: Block port access to the management platform via firewall. 2. **Input Validation**: If possible, implement WAF rules to block uploads of executable extensions. 3.…

⚡ **Urgency**: **HIGH**. CVSS Score indicates Critical impact. Since PoCs are public and auth is only 'Low', immediate patching or mitigation is essential to prevent unauthorized access and RCE.