Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the payload in a POST request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drobo 5N2 NAS 命令注入漏洞
Vulnerability Description
Drobo 5N2 NAS是美国Drobo公司的一款网络存储设备(NAS)。该设备具有数据共享、数据备份、远程访问和灾备恢复等功能。 Drobo 5N2 NAS 4.0.5-13.28.96115版本中的/DroboPix/api/drobopix/demo端点存在命令注入漏洞。攻击者可通过发送特制的POST请求利用该漏洞以root身份执行任意系统命令。
CVSS Information
N/A
Vulnerability Type
N/A