Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Bitdefender BOX 2 bootstrap get_image_size command injection vulnerability
Vulnerability Description
A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Bitdefender BOX 操作系统命令注入漏洞
Vulnerability Description
Bitdefender BOX是罗马尼亚比特梵德(Bitdefender)公司的一款智能家居安全控制设备。 Bitdefender BOX 2版本中的‘get_image_url()’函数存在操作系统命令注入漏洞。攻击者可利用该漏洞执行任意系统命令。
CVSS Information
N/A
Vulnerability Type
N/A