漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Raidsonic NAS Devices Unauthenticated Remote Command Execution
Vulnerability Description
An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize user-supplied input in the timeZone parameter of a POST request, allowing remote attackers to inject arbitrary shell commands.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Raidsonic IB-NAS5220和Raidsonic IB-NAS4220 安全漏洞
Vulnerability Description
Raidsonic IB-NAS5220和Raidsonic IB-NAS4220都是德国Raidsonic公司的一款无线路由器。 Raidsonic IB-NAS5220和Raidsonic IB-NAS4220存在安全漏洞,该漏洞源于timeHandler.cgi端点输入清理不足,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A