Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the (1) serverFileIds parameter to mobile/sendMsg or (2) arg01 parameter to human.aspx.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ipswitch MOVEit DMZ和MOVEit Mobile 安全漏洞
Vulnerability Description
Ipswitch MOVEit美国Ipswitch公司的一套自动化的文件传输系统。该系统支持通过一个单一的、安全的系统控制、管理,查看所有的关键业务文件传输活动。DMZ和Mobile是其中的版本。 Ipswitch MOVEit DMZ 8.2之前版本和MOVEit Mobile 1.2.2之前版本的‘Send as attachment’功能中存在安全漏洞,该漏洞源于mobile/sendMsg URI没有充分过滤‘serverFileIds’参数;human.aspx文件没有充分过滤‘arg01’参数
CVSS Information
N/A
Vulnerability Type
N/A