Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Unify OpenStage SIP和OpenScape Desk Phone IP 权限许可和访问控制问题漏洞
Vulnerability Description
Unify OpenStage SIP和OpenScape Desk Phone IP都是美国优力飞(Unify)公司的IP电话产品。 Unify OpenStage SIP和OpenScape Desk Phone IP V3 R3.32.0之前版本中存在提权漏洞。远程攻击者可通过向没有被充分保护的文件写入恶意的代码利用该漏洞获取提升的权限。
CVSS Information
N/A
Vulnerability Type
N/A