Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on Accellion FTA devices before FTA_9_12_180. By sending a POST request to home/seos/courier/web/wmProgressstat.html.php with an attacker domain in the acallow parameter, the device will respond with an Access-Control-Allow-Origin header allowing the attacker to have site access with a bypass of the Same Origin Policy.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Accellion FTA设备安全漏洞
Vulnerability Description
Accellion FTA devices是美国Accellion公司的一个文件传输设备。该设备支持文件传输、文件共享、文件传输跟踪和报告等。 Accellion FTA设备FTA_9_12_180之前的版本中存在安全漏洞。远程攻击者可通过向home/seos/courier/web/wmProgressstat.html.php发送POST请求利用该漏洞访问站点。
CVSS Information
N/A
Vulnerability Type
N/A