Guoxinled Synthesis Image System — known CVE vulnerabilities
Every CVE whose affected-product data names Guoxinled Synthesis Image System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2024-38468 — CVSS 9.8 (critical): Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API.
CVE-2024-38467 — CVSS 7.5 (high): Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API.
CVE-2024-38465 — CVSS 5.3 (medium): Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus…