Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The WebControl in RaspberryTortoise through 2012-10-28 is vulnerable to remote code execution via shell metacharacters in a URI. The file nodejs/raspberryTortoise.js has no validation on the parameter incomingString before passing it to the child_process.exec function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RaspberryTortoise WebControl 注入漏洞
Vulnerability Description
RaspberryTortoise是一款用于机器人车辆编程的软件包。WebControl是其中的一个基于Web的控制器。 RaspberryTortoise 2012-10-28及之前版本中的WebControl存在安全漏洞,该漏洞源于程序没有正确验证字符串。远程攻击者可借助URI中的shell元字符利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A