Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FaceSentry Access Control System 6.4.8 Remote SSH Root Access
Vulnerability Description
FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials for the wwwuser account. Attackers can leverage the insecure sudoers configuration to escalate privileges and gain root access by executing sudo commands without authentication.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
iWT FaceSentry Access Control System 安全漏洞
Vulnerability Description
iWT FaceSentry Access Control System是iWT开源的一个应用软件。提供一个访问控制功能。 iWT FaceSentry Access Control System 6.4.8版本存在安全漏洞,该漏洞源于存在硬编码SSH凭据和sudoers配置不当,可能导致权限提升和获取root访问权限。
CVSS Information
N/A
Vulnerability Type
N/A