Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Opto 22 SoftPAC Project Version 9.6 and prior. Paths specified within the zip files used to update the SoftPAC firmware are not sanitized. As a result, an attacker with user privileges can gain arbitrary file write access with system access.
CVSS Information
N/A
Vulnerability Type
密码学签名的验证不恰当
Vulnerability Title
Opto 22 SoftPAC Project 数据伪造问题漏洞
Vulnerability Description
Opto 22 SoftPAC Project是美国Opto 22公司的一套自动化软件套件。该产品能够提供工业自动化、过程控制、楼宇自动化、远程监控、数据采集和工业物联网等功能。 Opto 22 SoftPAC Project 9.6及之前版本中存在数据伪造问题漏洞,该漏洞源于程序未清除用于更新SoftPAC固件的zip文件中指定的路径。攻击者可利用该漏洞获得任意文件写入权限。
CVSS Information
N/A
Vulnerability Type
N/A