Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SICUNET Access Controller card_scan_decoder.php privileges management
Vulnerability Description
A vulnerability was found in SICUNET Access Controller 0.32-05z and classified as critical. Affected by this issue is some unknown functionality of the file card_scan_decoder.php. The manipulation of the argument No/door leads to privilege escalation. The attack may be launched remotely.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
特权管理不恰当
Vulnerability Title
SICUNET Access Controller 安全漏洞
Vulnerability Description
SICUNET Access Controller是中国SICUNET公司的一个基于浏览器的访问,您可以将您的面板连接到我们的云服务器, 这样您就可以在没有防火墙设置的情况下访问您的面板。 SICUNET Access Controller 0.32-05z版本存在安全漏洞,该漏洞源于 card_scan_decoder.php 的一些未知功能,对参数 No/door 的操纵导致特权升级,攻击者利用该漏洞可以发起远程攻击。
CVSS Information
N/A
Vulnerability Type
N/A