漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
Cisco Vision Dynamic Signage Director Path Traversal Vulnerability
漏洞信息
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to read files on the underlying operating system with root privileges. To exploit this vulnerability, the attacker would need to have administrative privileges on the affected system.
漏洞信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
漏洞
对路径名的限制不恰当(路径遍历)
漏洞
Cisco Vision Dynamic Signage Director Web管理接口路径遍历漏洞
漏洞信息
Cisco Vision Dynamic Signage Director是美国思科(Cisco)公司的一套端到端的动态标牌和IPTV解决方案。 Cisco Vision Dynamic Signage Director 6.2 SP5之前版本中的Web管理接口存在路径遍历漏洞,该漏洞源于该接口没有正确验证用户提交的输入。远程攻击者可通过发送特制的HTTP请求利用该漏洞使用root权限读取底层操作系统上的文件。
漏洞信息
N/A
漏洞
N/A