Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal
Vulnerability Description
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers to access arbitrary system files through unvalidated 'ID' parameters. Attackers can exploit multiple Perl scripts like downloadsys.pl to read sensitive files by manipulating directory path traversal in download requests.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
VideoFlow Digital Video Protection 安全漏洞
Vulnerability Description
VideoFlow Digital Video Protection是美国VideoFlow公司的一个广播级视频传输设备。 VideoFlow Digital Video Protection 2.10版本存在安全漏洞,该漏洞源于对ID参数验证不足,可能导致目录遍历攻击。
CVSS Information
N/A
Vulnerability Type
N/A