Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Byzoro — Vulnerabilities & Security Advisories 35

Browse all 35 CVE security advisories affecting Byzoro. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Byzoro operates as a specialized platform providing automated security testing solutions for web applications and APIs, primarily targeting development teams seeking to integrate vulnerability scanning into their continuous integration pipelines. Historical analysis of its attack surface reveals a pattern of critical flaws, including Remote Code Execution (RCE) and Cross-Site Scripting (XSS), which have frequently allowed attackers to bypass authentication mechanisms or execute arbitrary commands on affected servers. Privilege escalation vulnerabilities have also been documented, enabling low-privileged users to gain administrative control over the testing infrastructure. While specific major public incidents remain limited in detailed reporting, the accumulation of thirty-five Common Vulnerabilities and Exposures (CVEs) indicates persistent challenges in securing the application’s underlying architecture. These recurring issues highlight significant gaps in input validation and access control implementations within the software’s core functionality.

Top products by Byzoro: Smart S85F Management Platform Smart S45F Multi-Service Secure Gateway Intelligent Management Platform S210 Smart S150 Management Platform Smart S80 Smart S80 Management Platform Smart S20 PatrolFlow 2530Pro Smart S210 Management Platform Smart S40 Management Platform Smart S20 Management Platform Smart S42 Management Platform Smart S200 Management Platform
CVE IDTitleCVSSSeverityPublished
CVE-2024-4904 Byzoro Smart S200 Management Platform userattestation.php unrestricted upload — Smart S200 Management PlatformCWE-434 6.3 Medium2024-05-15
CVE-2024-4019 Byzoro Smart S80 Management Platform importhtml.php deserialization — Smart S80 Management PlatformCWE-502 6.3 Medium2024-04-20
CVE-2024-3521 Byzoro Smart S80 Management Platform userattestation.php unrestricted upload — Smart S80 Management PlatformCWE-434 4.7 Medium2024-04-09
CVE-2024-3346 Byzoro Smart S80 webmailattach.php os command injection — Smart S80CWE-78 6.3 Medium2024-04-05
CVE-2024-1918 Byzoro Smart S42 Management Platform userattestation.php unrestricted upload — Smart S42 Management PlatformCWE-434 4.7 Medium2024-02-27
CVE-2024-1254 Byzoro Smart S20 Management Platform sysmanageajax.php sql injection — Smart S20 Management PlatformCWE-89 4.7 Medium2024-02-06
CVE-2024-1253 Byzoro Smart S40 Management Platform Import web.php unrestricted upload — Smart S40 Management PlatformCWE-434 4.7 Medium2024-02-06
CVE-2024-0939 Byzoro Smart S210 Management Platform uploadfile.php unrestricted upload — Smart S210 Management PlatformCWE-434 6.3 Medium2024-01-26
CVE-2024-0716 Byzoro Smart S150 Management Platform Backup File download.php information disclosure — Smart S150 Management PlatformCWE-200 3.1 Low2024-01-19
CVE-2024-0712 Byzoro Smart S150 Management Platform userattea.php access control — Smart S150 Management PlatformCWE-284 7.3 High2024-01-19
CVE-2024-0300 Byzoro Smart S150 Management Platform HTTP POST Request userattestation.php unrestricted upload — Smart S150 Management PlatformCWE-434 6.3 Medium2024-01-08
CVE-2023-7039 Byzoro S210 importexport.php injection — S210CWE-74 6.3 Medium2023-12-21
CVE-2023-6577 Byzoro PatrolFlow 2530Pro mailsendview.php path traversal — PatrolFlow 2530ProCWE-22 4.3 Medium2023-12-07
CVE-2023-6576 Byzoro S210 HTTP POST Request uploadfile.php unrestricted upload — S210CWE-434 6.3 Medium2023-12-07
CVE-2023-6575 Byzoro S210 HTTP POST Request repair.php sql injection — S210CWE-89 6.3 Medium2023-12-07
CVE-2023-6574 Byzoro Smart S20 HTTP POST Request updateos.php unrestricted upload — Smart S20CWE-434 6.3 Medium2023-12-07
CVE-2023-6274 Byzoro Smart S80 PHP File updatelib.php unrestricted upload — Smart S80CWE-434 6.3 Medium2023-11-24
CVE-2023-5959 Byzoro Smart S85F Management Platform login.php password recovery — Smart S85F Management PlatformCWE-640 4.3 Medium2023-11-11
CVE-2023-5684 Byzoro Smart S85F Management Platform importexport.php os command injection — Smart S85F Management PlatformCWE-78 4.7 Medium2023-10-21
CVE-2023-5683 Byzoro Smart S85F Management Platform importconf.php os command injection — Smart S85F Management PlatformCWE-78 6.3 Medium2023-10-21
CVE-2023-5494 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform download.php os command injection — Smart S45F Multi-Service Secure Gateway Intelligent Management PlatformCWE-78 6.3 Medium2023-10-10
CVE-2023-5493 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform web.php unrestricted upload — Smart S45F Multi-Service Secure Gateway Intelligent Management PlatformCWE-434 6.3 Medium2023-10-10
CVE-2023-5492 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform licence.php unrestricted upload — Smart S45F Multi-Service Secure Gateway Intelligent Management PlatformCWE-434 6.3 Medium2023-10-10
CVE-2023-5491 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform updatelib.php unrestricted upload — Smart S45F Multi-Service Secure Gateway Intelligent Management PlatformCWE-434 6.3 Medium2023-10-10
CVE-2023-5490 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform userattestation.php unrestricted upload — Smart S45F Multi-Service Secure Gateway Intelligent Management PlatformCWE-434 6.3 Medium2023-10-10
CVE-2023-5489 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform uploadfile.php unrestricted upload — Smart S45F Multi-Service Secure Gateway Intelligent Management PlatformCWE-434 6.3 Medium2023-10-10
CVE-2023-5488 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform updatelib.php unrestricted upload — Smart S45F Multi-Service Secure Gateway Intelligent Management PlatformCWE-434 6.3 Medium2023-10-10
CVE-2023-4873 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform importexport.php os command injection — Smart S45F Multi-Service Secure Gateway Intelligent Management PlatformCWE-78 6.3 Medium2023-09-10
CVE-2023-4745 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform importexport.php sql injection — Smart S45F Multi-Service Secure Gateway Intelligent Management PlatformCWE-89 6.3 Medium2023-09-03
CVE-2023-4739 Byzoro Smart S85F Management Platform updateos.php unrestricted upload — Smart S85F Management PlatformCWE-434 6.3 Medium2023-09-03

This page lists every published CVE security advisory associated with Byzoro. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.