Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Secure Computing SnapGear Management Console SG560 3.1.5 Arbitrary File Read/Write
Vulnerability Description
SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the edit_config_files CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/edit_config_files to access and modify files outside the intended /etc/config/ directory.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
SnapGear Management Console SG560 路径遍历漏洞
Vulnerability Description
SnapGear Management Console SG560是SnapGear公司的一款多功能网络安全网关。 SnapGear Management Console SG560存在路径遍历漏洞,该漏洞源于edit_config_files CGI脚本存在文件操作漏洞,可能导致读取、写入和删除/etc/config/目录之外的文件。
CVSS Information
N/A
Vulnerability Type
N/A