Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ABB PB610 IDAL HTTP server 缓冲区错误漏洞
Vulnerability Description
ABB PB610是瑞士ABB公司的一款为CP600控制面板平台设计图形用户界面的软件。IDAL HTTP server是其中的一个HTTP(超文本传输协议)服务器。 ABB PB610中的IDAL HTTP server存在内存损坏漏洞,该漏洞源于在身份验证过程中,程序没有安全地处理用户名和cookie字符串。攻击者可利用该漏洞绕过身份验证或在服务器上执行代码。
CVSS Information
N/A
Vulnerability Type
N/A