漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow a remote attacker to delete arbitrary system file due to lack of validation of the /login/bin/set_param to the file name with the value of 'system.delete.sd_file'
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Schneider Electric Pelco Sarix Professional 安全漏洞
Vulnerability Description
Schneider Electric Pelco Sarix Professional是法国施耐德电气(Schneider Electric)公司的一款视频监控设备。 使用3.29.67之前版本固件的Schneider Electric Pelco Sarix Professional中存在安全漏洞,该漏洞源于/login/bin/set_param程序在处理system.delete.sd_file参数时没有对文件名进行检查。远程攻击者可利用该漏洞删除任意系统文件。
CVSS Information
N/A
Vulnerability Type
N/A