N/A

An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field.

N/A

N/A

BlackBerry AtHoc 安全漏洞

BlackBerry AtHoc 7.6 HF-567之前版本中的Management System存在XML外部实体注入漏洞。攻击者可通过输入恶意制作的XML利用该漏洞从应用程序服务器上读取任意的本地文件或在网络上发送请求。

N/A

N/A