Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Open On-Chip Debugger 安全漏洞
Vulnerability Description
Open On-Chip Debugger(OpenOCD)是一款开源的提供从GDB到基于ARM和MIPS内核的处理器的JTAG/SWD访问。 OpenOCD 0.10.0版本中存在安全漏洞,该漏洞源于程序没有阻止使用HTTP POST请求向127.0.0.1:4444发送数据。远程攻击者可借助特制的网站利用该漏洞执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A