漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal
Vulnerability Description
Ruijie Networks Switch eWeb S29_RGOS 11.4 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by manipulating file path parameters. Attackers can exploit the /download.do endpoint with '../' sequences to retrieve system configuration files containing credentials and network settings.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Ruijie Switch eWeb S29_RGOS 路径遍历漏洞
Vulnerability Description
Ruijie Switch eWeb S29_RGOS是中国锐捷(Ruijie)公司的一个Web管理界面系统。 Ruijie Switch eWeb S29_RGOS 11.4版本存在路径遍历漏洞,该漏洞源于/download.do端点存在目录遍历,可能导致访问敏感配置文件。
CVSS Information
N/A
Vulnerability Type
N/A