Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Inoguard ExECM CoreB2B solution remote code execution vulnerability
Vulnerability Description
A vulnerability(improper input validation) in the ExECM CoreB2B solution allows an unauthenticated attacker to download and execute an arbitrary file via httpDownload function. A successful exploit could allow the attacker to hijack vulnerable system.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
ExECM CoreB2B solution 输入验证错误漏洞
Vulnerability Description
ExECM CoreB2B是提供了一个可重复、经过验证的人员-流程-技术模型,可扩展 IT 团队并确保运营与 B2B 集成趋势和要求保持同步,同时改进业务流程优化。 ExECM CoreB2B solution存在安全漏洞,该漏洞允许未经身份验证的攻击者可利用该漏洞通过httpDownload函数下载并执行任意文件。成功的利用可以让攻击者可利用该漏洞劫持脆弱的系统。
CVSS Information
N/A
Vulnerability Type
N/A