Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Shell In A Box HTTPS fallback 安全漏洞
Vulnerability Description
Shell In A Box(又名shellinabox)是软件开发者Markus Gutschke开发的一款用于访问远程Linux服务器的SSH终端产品。 Shell In A Box 2.19之前版本的HTTPS fallback实现过程中存在安全漏洞。远程攻击者可借助‘/plain’URL利用该漏洞实施DNS重新绑定攻击。
CVSS Information
N/A
Vulnerability Type
N/A