Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations on the uploaded image, which upon failure will leave the temporarily created files in an accessible location on the server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ivanti Endpoint Manager 代码问题漏洞
Vulnerability Description
Ivanti Endpoint Manager(EPM)是美国Ivanti公司的一套端点安全管理器。 Ivanti Endpoint Manager 2019.1版本和2020.1版本存在代码问题漏洞,该漏洞源于不受限制的文件上传问题。攻击者可利用该漏洞通过上传恶意aspx文件获得远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A