Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The administration console of the Moog EXO Series EXVF5C-2 and EXVP7C2-3 units features a 'statusbroadcast' command that can spawn a given process repeatedly at a certain time interval as 'root'. One of the limitations of this feature is that it only takes a path to a binary without arguments; however, this can be circumvented using special shell variables, such as '${IFS}'. As a result, an attacker can execute arbitrary commands as 'root' on the units.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Moog EXO Series EXVF5C-2 和 EXVP7C2-3 操作系统命令注入漏洞
Vulnerability Description
Moog EXO Series EXVF5C-2 和 EXVP7C2-3的控制端存在安全漏洞,攻击者可以利用该漏洞以“root”身份执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A