This page lists publicly disclosed CVE vulnerabilities affecting guoxinled synthesis_image_system (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-38468 | Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API. | [email protected] | 9.8 | 0.20% | 2024-06-16 | 2025-03-26 |
| CVE-2024-38467 | Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API. | [email protected] | 7.5 | 0.17% | 2024-06-16 | 2025-06-20 |
| CVE-2024-38466 | Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password. | [email protected] | 9.8 | 0.15% | 2024-06-16 | 2025-03-19 |
| CVE-2024-38465 | Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error. | [email protected] | 5.3 | 0.11% | 2024-06-16 | 2025-03-14 |