Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rockwell Automation FactoryTalk View SE
Vulnerability Description
All versions of FactoryTalk View SE do not properly validate input of filenames within a project directory. A remote, unauthenticated attacker may be able to execute a crafted file on a remote endpoint that may result in remote code execution (RCE). Rockwell Automation recommends applying patch 1126289. Before installing this patch, the patch rollup dated 06 Apr 2020 or later MUST be applied. 1066644 – Patch Roll-up for CPR9 SRx.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
Rockwell Automation FactoryTalk View SE 输入验证错误漏洞
Vulnerability Description
Rockwell Automation FactoryTalk View SE是美国罗克韦尔(Rockwell Automation)公司的一款工业自动化系统视图界面。 Rockwell Automation FactoryTalk View SE中存在输入验证错误漏洞,该漏洞源于程序未正确验证项目目录中文件名的输入。远程攻击者可通过执行特制文件利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A