Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Datto Windows Agent allows unauthenticated remote command execution via a modified command in conjunction with CVE-2017-16673 exploitation, aka an attack with a malformed primary whitelisted command and a secondary non-whitelisted command. This affects Datto Windows Agent (DWA) 1.0.5.0 and earlier. In other words, an attacker could combine this "primary/secondary" attack with the CVE-2017-16673 "rogue pairing" attack to achieve unauthenticated access to all agent machines running these older DWA versions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Datto Windows Agent 安全漏洞
Vulnerability Description
Datto Windows Agent(DWA)是美国Datto公司的一套基于Windows的备份代理软件。 DWA 1.0.5.0及之前的版本中存在安全漏洞。攻击者可借助该漏洞及CVE-2017-16673漏洞利用该漏洞访问运行较老版本的代理设备。
CVSS Information
N/A
Vulnerability Type
N/A