漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
Cross-site request forgery (CSRF) vulnerability in pop/WizU.html in the management interface in Check Point VPN-1 Edge X Embedded NGX 7.0.33x on the Check Point VPN-1 UTM Edge allows remote attackers to perform privileged actions as administrators, as demonstrated by a request with the swuuser and swupass parameters, which adds an administrator account. NOTE: the CSRF attack has no timing window because there is no logout capability in the management interface.
漏洞信息
N/A
漏洞
N/A
漏洞
Check Point VPN-1 UTM Edge 跨站请求伪造漏洞
漏洞信息
Check Point VPN-1 UTM Edge中的Check Point VPN-1 Edge X Embedded NGX 7.0.33x中管理界面的pop/WizU.html存在跨站请求伪造漏洞。远程攻击者可以作为管理员身份执行特权操作,例如swuuser和swupass参数的请求可以增加管理员账号。
漏洞信息
N/A
漏洞
N/A