Silex Technology SD-330AC and AMC Manager Missing Authentication Vulnerability in Firmware Maintenance
Vulnerability
A vulnerability allowing arbitrary file uploads without authentication has been identified in the SD-330AC device and the AMC Manager application, both provided by Silex Technology, Inc. This issue affects SD-330AC versions through 1.42 and AMC Manager versions through 5.0.2. The vulnerability arises from a missing authentication for critical functions related to firmware maintenance, allowing unauthorized users to upload files to the device.
Impact
Exploitation of this vulnerability could lead to unauthorized file uploads on the affected device.
Remediation
Users are advised to update the SD-330AC firmware to version 1.50 or later and AMC Manager to version 5.1.0 or later. After updating, it is recommended to set a password for the web configuration interface to prevent unauthorized access.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.