Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote authenticated users to read arbirary files via a .. (dot dot) in the filename parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MiCasaVerde VeraLite 路径遍历漏洞
Vulnerability Description
Mi Casa Verde VeraLite是中国香港Mi Casa Verde公司的一套家用网关控制器设备。该设备可通过电脑或手机,对家庭Wi-Fi网络所连接的家电进行控制。 使用1.5.408版本固件的MiCasaVerde VeraLite中的cgi-bin/cmh/get_file.sh文件存在路径遍历漏洞。远程攻击者可通过‘filename’参数中的‘..’字符串利用该漏洞读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A