Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The control panel for Positive Software H-Sphere before 2.5.0 RC3 creates log files in a user's directory with insecure permissions, which allows local users to append log data to arbitrary files via a symlink attack. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Positive Software H-Sphere 控制面板不安全日志文件许可漏洞
Vulnerability Description
Positive Software H-Sphere的2.5.0 RC3之前版本的控制面板在用户目录中使用不安全许可来创建日志文件,本地用户可通过一个symlink攻击来附加日志数据到任意文件。
CVSS Information
N/A
Vulnerability Type
N/A