漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Netwin SurgeFTP <= v23c8 Authenticated RCE
Vulnerability Description
Netwin SurgeFTP version 23c8 and prior contains a vulnerability in its web-based administrative console that allows authenticated users to execute arbitrary system commands via crafted POST requests to `surgeftpmgr.cgi`. This can lead to full remote code execution on the underlying system.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
NetWin Netwin SurgeFTP 安全漏洞
Vulnerability Description
NetWin Netwin SurgeFTP是新西兰NetWin公司的一款多平台FTP服务器软件。 NetWin Netwin SurgeFTP 23c8及之前版本存在安全漏洞,该漏洞源于未正确处理POST请求,可能导致远程命令执行。
CVSS Information
N/A
Vulnerability Type
N/A