Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Easy Chat Server 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download certain files via direct requests to files such as (1) ServerKey.pem and (2) AcceptIP.txt. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Easy Chat Server 未明访问权限漏洞
Vulnerability Description
Easy Chat Server 2.1版本在web根下储存敏感信息而未赋予足够的访问限制,这使得远程攻击者可以借助对(1)ServerKey.pem和(2)AcceptIP.txt文件的直接请求,下载特定的文件。
CVSS Information
N/A
Vulnerability Type
N/A