Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in the "Upload Groupkey" functionality in the Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with Admin-User access to write to arbitrary files and consequently gain root privileges by uploading a file, as demonstrated by storing a file in the cron.d directory.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Meinberg LANTIME Web Configuration Utility 路径遍历漏洞
Vulnerability Description
Meinberg LANTIME是德国Meinberg公司的一款NTP时间服务器。Web Configuration Utility是其中的一个Web配置工具。 使用6.24.004版本固件的Meinberg LANTIME中的Web Configuration Utility的Upload Groupkey功能存在目录遍历漏洞。远程攻击者可通过上传文件利用该漏洞获取root权限。
CVSS Information
N/A
Vulnerability Type
N/A