Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AS/400 Telnet 未明安全漏洞
Vulnerability Description
AS/400 Telnet 5250终端仿真客户端,当通过(1)IBM client access,(2) Bosanova,(3)PowerTerm,(4)Mochasoft或者其他的仿真软件部署时,允许恶意的AS/400服务器通过后跟STRPCCMD(Start PC command)的STRPCO(Start PC Organizer)命令来执行任意命令,例如通过使用REXEC来创建后门帐户可以触发此漏洞。
CVSS Information
N/A
Vulnerability Type
N/A