Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Plixer Scrutinizer NetFlow & sFlow Analyzer 授权问题漏洞
Vulnerability Description
Plixer Scrutinizer NetFlow & sFlow Analyzer是美国Plixer公司的一套网络流量分析系统。该系统提供流量监视、上下文取证和安全分析等功能。 Plixer Scrutinizer NetFlow & sFlow Analyzer 9.0.1.19899之前版本中的cgi-bin/userprefs.cgi文件存在授权问题漏洞,该漏洞源于程序没有验证用户的权限。远程攻击者可借助‘newuser’、‘pwd’和‘selectedUserGroup’参数利用该漏洞以管理员
CVSS Information
N/A
Vulnerability Type
N/A