Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Lack of Authentication/Authorization on Administrative Web Pages
Vulnerability Description
In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these applications, but also poses severe risks to the confidentiality and integrity of data stored within the applications and the device itself.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drobo 5N2 授权问题漏洞
Vulnerability Description
Drobo 5N2是美国Drobo公司的一款NAS(网络附属存储)设备。 使用4.0.5-13.28.96115版本固件的Drobo 5N2中存在安全漏洞,该漏洞源于缺少身份验证/授权检查。攻击者可利用该漏洞控制应用程序,影响应用程序的可用性及数据的保密性和完整性。
CVSS Information
N/A
Vulnerability Type
N/A