Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue has been discovered in the OpenWebif plugin through 1.2.4 for Enigma2 based devices. Reading of arbitrary files is possible with /file?action=download&file= followed by a full pathname, and listing of arbitrary directories is possible with /file?action=download&dir= followed by a full pathname. This is related to plugin/controllers/file.py in the e2openplugin-OpenWebif project.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenWebif插件安全漏洞
Vulnerability Description
OpenWebif Plugin是一款使用在基于E2open的机顶盒设备中的开源Web界面。 OpenWebif插件1.2.4及之前版本(用于基于Enigma2的设备)中存在安全漏洞。攻击者可利用该漏洞读取任意文件及列出任意目录。
CVSS Information
N/A
Vulnerability Type
N/A