Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
devolo dLAN 500 AV Wireless+ 3.1.0-1 Remote Code Execution via htmlmgr
Vulnerability Description
devolo dLAN 500 AV Wireless+ 3.1.0-1 contains an authentication bypass vulnerability that allows attackers to enable hidden services through the htmlmgr CGI script. Attackers can enable telnet and remote shell services, reboot the device, and gain root access without a password by manipulating system configuration parameters.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
特权授予不正确
Vulnerability Title
Devolo dLAN 500 AV Wireless+ 安全漏洞
Vulnerability Description
Devolo dLAN 500 AV Wireless+是德国Devolo公司的一款电力线通信适配器。 Devolo dLAN 500 AV Wireless+ 3.1.0-1版本存在安全漏洞,该漏洞源于身份验证绕过,可能导致启用隐藏服务和获取根权限。
CVSS Information
N/A
Vulnerability Type
N/A