Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
GUP (generic update process) in LightySoft LogMX before 7.4.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. The update process relies on cleartext HTTP. The attacker could replace the LogMXUpdater.class file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
LightySoft LogMX 输入验证错误漏洞
Vulnerability Description
Lightysoft LightySoft LogMX是法国LightySoft(Lightysoft)公司的一款通用日志分析器。 LightySoft LogMX 7.4.0之前版本中的GUP存在安全漏洞,该漏洞源于程序没有正确地验证更新文件的可靠性。攻击者可借助恶意的更新文件利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A