CVSS 3.1 Score 4.7 of 10 (medium)


Published Apr 9, 2024
Updated: Apr 11, 2024
CWE ID 434


CVE-2024-3521 is a critical vulnerability found in Byzoro Smart S80 Management Platform up to version 20240317. The vulnerability allows for unrestricted upload through the manipulation of the argument "web_img" in the file "/useratte/userattestation.php." This exploit can be launched remotely, posing a potential danger to organizations using this platform. The vendor has been notified but did not respond. The vulnerability has been disclosed publicly and may be exploited, with a CVSS score of 5.8.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-3521 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options