Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with the user credentials in cleartext when a failed login attempt occurs. The file can be reached via an HTTP request. The credentials can be used to access the system via SSH (or TELNET if it is enabled).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
UbiQuoss Switch VP5208A 安全漏洞
Vulnerability Description
UbiQuoss Switch VP5208A是韩国UbiQuoss公司的一款交换机产品。 UbiQuoss Switch VP5208A中存在安全漏洞,该漏洞源于用户登录失败后,程序会在/cgi-bin/中创建一个bcm_password文件并带有明文形式的用户凭证。攻击者可通过发送HTTP请求获取凭证并借助SSH利用该漏洞访问系统。
CVSS Information
N/A
Vulnerability Type
N/A