Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SevOne Network Management System Traceroute traceroute.php command injection
Vulnerability Description
A vulnerability classified as critical has been found in SevOne Network Management System up to 5.7.2.22. This affects the file traceroute.php of the Traceroute Handler. The manipulation leads to privilege escalation with a command injection. It is possible to initiate the attack remotely.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
SevOne Network Management System 命令注入漏洞
Vulnerability Description
SevOne Network Management System是美国SevOne公司的一个适用于现代 NetOps 的最全面、可扩展且以应用程序为中心的网络性能监控系统。 SevOne Network Management System(NMS) 5.7.2.22 之前版本存在安全漏洞,远程攻击者利用该漏洞可通过命令注入导致权限升级。
CVSS Information
N/A
Vulnerability Type
N/A