Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in CloudMe 1.11.0. An unauthenticated local attacker that can connect to the "CloudMe Sync" client application listening on 127.0.0.1 port 8888 can send a malicious payload causing a buffer overflow condition. This will result in code execution, as demonstrated by a TCP reverse shell, or a crash. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-6892.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CloudMe 缓冲区错误漏洞
Vulnerability Description
CloudMe是瑞典CloudMe AB公司提供的一项文件存储服务,包括云存储、文件同步和客户端浏览软件等。 CloudMe 1.11.0版本中存在缓冲区溢出漏洞。远程攻击者可利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A