Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution
Vulnerability Description
NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary libraries by tricking users into opening application files from remote shares. Attackers can exploit insecure library loading of sdl2.dll and libegl.dll by placing malicious libraries on WebDAV or SMB shares to execute unauthorized code.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
NREL BEopt 代码问题漏洞
Vulnerability Description
NREL BEopt是美国NREL组织的一个住宅建筑节能方案计算软件。 NREL BEopt 2.8.0.0版本存在代码问题漏洞,该漏洞源于不安全库加载,可能导致DLL劫持攻击。
CVSS Information
N/A
Vulnerability Type
N/A