Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote attackers to obtain sensitive information by reading the replies to these commands, aka "FTP Command Injection Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft FTP Service 命令注入漏洞
Vulnerability Description
Microsoft IIS(Internet Information Server)是Microsoft Windows系统默认自带的Web服务器软件,其中默认包含FTP服务。 Internet Information Services (IIS)中的Microsoft FTP Service 7.0和7.5版本中存在漏洞,该漏洞源于在未对会话启用TLS加密前,程序即处理了未明的命令。通过读取对这些命令的回复,远程攻击者可利用该漏洞获取敏感信息,又名“FTP命令注入漏洞”。
CVSS Information
N/A
Vulnerability Type
N/A