Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Meinberg Lantime M300 and M1000 devices allow attackers (with privileges to configure a device) to execute arbitrary OS commands by editing the /config/netconf.cmd script (aka Extended Network Configuration). Note: According to the description, the vulnerability requires a fully authenticated super-user account using a webUI function that allows super users to edit a script supposed to execute OS commands. The given weakness enumeration (CWE-78) is not applicable in this case as it refers to abusing functions/input fields not supposed to be accepting OS commands by using 'Special Elements.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Meinberg Funkuhren Lantime M300和M1000 操作系统命令注入漏洞
Vulnerability Description
Meinberg Funkuhren Lantime M300和Meinberg Funkuhren Lantime M1000都是德国Meinberg Funkuhren公司的一款机架式时间服务器。 Meinberg Funkuhren Lantime M300和Meinberg Funkuhren Lantime M1000中存在操作系统命令注入漏洞。攻击者可通过编辑/config/netconf.cmd脚本利用该漏洞执行任意的操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A