Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) owwwPath, and (3) oftpPath.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Hosting Controller导入Root目录脚本命令执行漏洞
Vulnerability Description
Hosting Controller是一款以一接口集中管理大量主机任务的应用程序,可运行在Microsoft Windows操作系统下。 Hosting Controller中的导入root目录脚本在访问时没有进行验证处理,可导致远程攻击者通过此脚本以管理员的权限执行任意命令。 任意用户可以通过访问导入root目录脚本-/import/imp_rootdir.asp绕过验证机制,在系统中以管理员权限拷贝,删除文件目录等。默认情况下,Hosting Controller中的advwebadmin用户是属于管
CVSS Information
N/A
Vulnerability Type
N/A