Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SaveToFile method in a certain ActiveX control in TrendDisplay.dll in Canary Labs TrendLink 9.0.2.27051 and earlier does not properly restrict the creation of files, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted web site.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Canary Labs TrendLink ActiveX Control 不安全方法漏洞
Vulnerability Description
Canary Labs TrendLink是一款实时数据趋势查看器。 Canary Labs TrendLink ActiveX Control 9.0.2.27051和之前的版本中存在漏洞,可被恶意人员利用控制用户系统。该漏洞源于TrendLink ActiveX控件(TrendDisplay.dll)提供不安全的‘SaveToFile()’方法。攻击者能够利用该漏洞向任意文件写入任意内容。成功的利用可能允许攻击者执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A