Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Biscom Secure File Transfer (SFT) 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files via crafted requests. Version 5.0.1050 contains the fix.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Biscom Secure File Transfer 安全漏洞
Vulnerability Description
Biscom Secure File Transfer(SFT)是美国Biscom公司的一套基于Web的文件传输解决方案。该方案具有文件共享、创建工作区和自动清理文件等功能。 Biscom SFT 5.0.1000版本至5.0.1048版本中存在安全漏洞,该漏洞源于没有正确的验证dataFieldId值并使用了序列号。远程攻击者可通过发送特制的请求利用该漏洞覆盖和读取文件。
CVSS Information
N/A
Vulnerability Type
N/A