Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified form that is accessible from testurls.html. NOTE: the vendor disputes the significance of this issue, stating "DRAC's are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dell iDRAC 6防火墙Web接口安全漏洞
Vulnerability Description
Dell Integrated Remote Access Controller(iDRAC)6是美国戴尔(Dell)公司的一套包含硬件和软件的系统管理解决方案。该方案为Dell PowerEdge系统提供远程管理、崩溃系统恢复和电源控制等功能。 Dell iDRAC 6防火墙1.7版本中的Web接口中存在漏洞。远程攻击者可通过发送到可访问testurls.html的表单的请求,利用该漏洞修改任意用户的CLP接口,也可能产生其他影响。
CVSS Information
N/A
Vulnerability Type
N/A