Vulnerability Information
Vulnerability Title
Hirschmann HiSecOS Buffer Overflow via HTTPS Login
Vulnerability Description
Hirschmann HiSecOS versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled. A remote attacker can crash the device or execute arbitrary code by submitting a password longer than 128 characters. Improper bounds checking in password handling lets the input overflow a fixed-size buffer, resulting in denial of service or remote code execution.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
Buffer Copy without Checking Size of Input (Classic Buffer Overflow)
Vulnerability Title
Belden Hirschmann HiSecOS Security Vulnerability
Vulnerability Description
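Belden Hirschmann HiSecOS is an operating system for industrial network security devices from Belden, a US company. Belden Hirschmann HiSecOS versions prior to 05.3.03 contain a security vulnerability. The vulnerability stems from a buffer overflow in the HTTPS login interface when RADIUS authentication is enabled, which may allow a remote attacker to crash the device or execute arbitrary code by submitting a password longer than 128 characters.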
CVSS Information
N/A
Vulnerability Type
N/A