Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote authenticated users to obtain root privileges for writing to unspecified scripts, and consequently obtain sensitive information or modify data, by leveraging access to the nobody account.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Meinberg产品提权漏洞
Vulnerability Description
Meinberg IMS-LANTIME M3000等都是德国Meinberg公司的NTP时间服务器。 多款Meinberg产品的NTP time-server接口中存在提权漏洞。远程攻击者可通过访问nobody账户利用该漏洞以root权限写入脚本,获取敏感新。以下产品及版本受到影响:Meinberg IMS-LANTIME M3000、M1000、M500、LANTIME M900、M600、M400、M300、M200、M100、SyncFire 1100、LCES 6.0及之前版本。
CVSS Information
N/A
Vulnerability Type
N/A