CVE-2024-38468 | Shenzhen Guoxin Synthesis Image System up to 8.2.x API resetPassword password recovery

CVE-2024-38468 | Shenzhen Guoxin Synthesis Image System up to 8.2.x API resetPassword password recovery

A vulnerability was found in Shenzhen Guoxin Synthesis Image System up to 8.2.x. It has been classified as problematic. Affected is the function resetPassword of the component API. The manipulation leads to weak password recovery. This vulnerability is traded as CVE-2024-38468. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.