Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading to a possible information leak via tools/frr.in and tools/frrcommon.sh.in. NOTE: some parties consider this user error, not a vulnerability, because the permissions are under the control of the user before any sensitive information is present in the file
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FRRouting FRR 信息泄露漏洞
Vulnerability Description
FRRouting FRR是一套对各种IPV4和IPV6路由协议进行实现和管理的软件。 FRRouting FRR 7.3.1及之前版本中的split-config功能存在安全漏洞,该漏洞源于使用split-config功能时,init脚本将创建一个空的配置文件并将其默认设置为全局可读。攻击者可利用该漏洞获取信息。
CVSS Information
N/A
Vulnerability Type
N/A