Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Ubiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to read arbitrary files in the local file system. Note that by default, the local file system is isolated in a docker container. Successful exploitation requires valid credentials to an account with "Edit" access to "System Customization".
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ubiquiti UCRM 权限许可和访问控制问题漏洞
Vulnerability Description
Ubiquiti UCRM是美国优比快(Ubiquiti Networks)公司的一套计费和客户管理系统。该系统具有客户管理、自动结算和网络监控等功能。 Ubiquiti UCRM 2.3.0版本至2.7.7版本中存在权限许可和访问控制漏洞。本地攻击者可利用该漏洞读取本地文件系统中的任意文件。
CVSS Information
N/A
Vulnerability Type
N/A