漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Legacy Server BMC Remote Command Injection
Vulnerability Description
In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Lenovo产品操作系统命令注入漏洞
Vulnerability Description
Lenovo ThinkServer RD340等都是中国联想(Lenovo)公司的服务器设备。 多款Lenovo产品中的BMC固件下载命令存在安全漏洞。攻击者可利用该漏洞下载并执行任意代码。以下产品受到影响:Lenovo ThinkServer RD340;ThinkServer RD440;ThinkServer RD640;ThinkServer TD340。
CVSS Information
N/A
Vulnerability Type
N/A