Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, which allows remote attackers to execute arbitrary code via a web page containing an HTTP POST request that accesses the dir.hts page on the localhost and adds an entire hard drive to be shared.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Working Resources BadBlue管理接口任意文件访问漏洞
Vulnerability Description
Working Resources Inc. BadBlue企业版1.7至1.74版本限制本地IP地址的管理员行为,但不提供附加认证。远程攻击者可以借助包含HTTP POST请求的web页面执行任意代码,该请求访问本地主机、地址和整个分享的硬盘驱动器。
CVSS Information
N/A
Vulnerability Type
N/A