从提供的截图中,我们可以提取到以下关于漏洞的关键信息: 漏洞标题: Akuvox Smart Intercom S539 Improper Access Control via ServicesHTTPAPI 严重性: HIGH 发布日期: December 30, 2025 受影响的产品: Akuvox Smart Doorphone S539, S532, X916, X915, X912, X916 Akuvox Smart Intercom R20K-2, R20A-2, C313W-2, NS-2, NC-2, NX-2 漏洞编号和分类: ZSL-2024-58337 CWE-862 Missing Authorization CVSS评分: CVSS: 4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N 参考资料: Zero Science Lab disclosure (ZSL-2024-5862) Packet Storm Security Exploit Entry CXSecurity Vulnerability Listing 漏洞描述: Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with 'User' privileges to modify API access settings and configurations. Attackers can exploit this vulnerability to escalate privileges and gain unauthorized access to administrative functionalities. 报告者: LiquidWorm as Gjoko Krstic of Zero Science Lab