Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Honeywell Notifier Web Server 路径遍历漏洞
Vulnerability Description
Honeywell Notifier Web Server是美国霍尼韦尔(Honeywell)公司的一种基于 Web 的设备,充当 HTML 服务器,允许通过 Internet 或 Intranet 进行远程访问。 Honeywell Notifier Web Server (NWS) 3.50及之前版本存在路径遍历漏洞。攻击者可利用该漏洞下载带有敏感信息的数据库文件,例如用户名和密码哈希,获取对该火警系统的全部访问权限。
CVSS Information
N/A
Vulnerability Type
N/A