Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and 8.0.4 uses neither encrypted connections nor signed updates. A man-in-the-middle attacker could manipulate the update packages to gain root access remotely.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Open Embedded Linux Entertainment Center 安全漏洞
Vulnerability Description
Open Embedded Linux Entertainment Center(OpenELEC)是一套附带家庭影院的Linux嵌入式操作系统,它包括家庭影院PC所需的各类软件,如:DVD播放器、远程控制等。 OpenELEC 6.0.3版本和7.0.1版本中的auto-update功能存在安全漏洞。攻击者可利用该漏洞执行中间人攻击者,远程操作更新包,获取root访问权限。
CVSS Information
N/A
Vulnerability Type
N/A