漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Iomega and LenovoEMC NAS Web UI Vulnerabilities
Vulnerability Description
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the file name used for assets accessible through the Content Viewer application are vulnerable to self cross-site scripting self-XSS. As a result, adversaries can add files to shares accessible from the Content Viewer with a cross site scripting payload in its name, and wait for a user to try and rename the file for their payload to trigger.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Lenovo产品安全漏洞
Vulnerability Description
Lenovo Iomega StorCenter px12-450r等都是中国联想(Lenovo)公司的存储设备。 使用4.1.402.34662及之前版本固件的多款Lenovo产品中的Web UI存在跨站脚本漏洞。远程攻击者可通过添加文件利用该漏洞提升权限。以下产品和版本受到影响:Lenovo Iomega StorCenter px12-450r,StorCenter px12-400r,StorCenter px4-300r,StorCenter px6-300d,StorCenter px4-30
CVSS Information
N/A
Vulnerability Type
N/A