Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ModbusPal 1.6b is vulnerable to an XML External Entity (XXE) attack. Projects are saved as .xmpp files and automations can be exported as .xmpa files, both XML-based, which are vulnerable to XXE injection. Sending a crafted .xmpp or .xmpa file to a user, when opened/imported in ModbusPal, will return the contents of any local files to a remote attacker.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ModbusPal 安全漏洞
Vulnerability Description
ModbusPal是一款使用Java语言编写的具有复制MODBUS环境的MODBUS模拟器。 ModbusPal 1.6b版本中存在XML外部实体注入漏洞。远程攻击者可通过向用户发送特制的.xmpp或.xmpa文件利用该漏洞获取任意本地文件内容。
CVSS Information
N/A
Vulnerability Type
N/A