Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Trustwave Secure Web Gateway 安全漏洞
Vulnerability Description
Trustwave Secure Web Gateway(SWG)是美国Trustwave公司的一款Web安全网关产品。 Trustwave SWG 11.8.0.27及之前的版本中存在安全漏洞。远程攻击者可通过向/sendKey URI发送‘publicKey’参数利用该漏洞将任意的公钥添加到SSH Authorized Keys数据中,从而获取远程的root访问权限。
CVSS Information
N/A
Vulnerability Type
N/A