Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
M/Monit 3.7.4 - Privilege Escalation
Vulnerability Description
M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update endpoint with a crafted payload to grant administrative access to a standard user account.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
授权机制不正确
Vulnerability Title
Tildeslash M/Monit 安全漏洞
Vulnerability Description
Tildeslash M/Monit是Tildeslash公司的一个服务器监控和管理工具。 Tildeslash M/Monit 3.7.4版本存在安全漏洞,该漏洞源于对admin参数的操作不当,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A