Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
VCM5010 with software versions earlier before V100R002C50SPC100 has an authentication bypass vulnerability. This is due to improper implementation of authentication for accessing web pages. An unauthenticated attacker could bypass the authentication by sending a crafted HTTP request. 5010 with software versions earlier before V100R002C50SPC100 has an arbitrary file upload vulnerability. The software does not validate the files that uploaded. An authenticated attacker could upload arbitrary files to the system.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
华为VCM5010 安全漏洞
Vulnerability Description
华为VCM5010是中国华为(Huawei)公司的一套基于云基础架构的视频内容管理平台。该平台提供智能分析一体化、视频处理检索和行为分析管理等功能。 华为VCM5010 V100R002C50SPC100之前的版本中存在身份验证绕过漏洞,该漏洞源于程序没有正确的验证访问web页面的权限。攻击者可通过伪造HTTP请求利用该漏洞绕过身份认证。
CVSS Information
N/A
Vulnerability Type
N/A