Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters (1) ~service, (2) ~templatelanguage, (3) ~language, (4) ~theme, or (5) ~template, which leaks the information in the resulting error message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP Internet Transaction Server远程信息泄露漏洞
Vulnerability Description
SAP Internet Transaction Server (ITS)是一款基于Internet的事务服务程序。 SAO ITS服务器由于没有正确处理畸形请求,远程攻击者可以利用这个漏洞获得本地系统敏感信息。 问题存在于wgate.dll问中,由于不充分处理用户提交的各种参数,攻击者可以提交包含非法输入参数的WEB请求,可导致服务器返回包含各种系统信息,目录结构的敏感信息给客户端,攻击者可以利用这些信息进一步对系统进行攻击。
CVSS Information
N/A
Vulnerability Type
N/A