Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The site-locking implementation in the SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance relies on a list of server domain names to restrict execution of ActiveX controls, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a DNS hijacking attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Consona 多个产品'tgctlcm.dll'动态库site-locking应用加密问题漏洞
Vulnerability Description
Consona是全球领先的企业应用解决方案和服务供应商,为各种规模的企业提供信息化服务。 Consona Live Assistance, Dynamic Agent, 和 Subscriber Assistance的tgctlcm.dll中,SdcWebSecureBase接口的site-locking实现依赖服务器域名列表限制ActiveX控制的执行,中间人攻击者可以发起DNS劫持攻击,轻易执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A