Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A file write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to arbitrary file overwrite. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Sealevel Systems SeaConnect 370W 安全漏洞
Vulnerability Description
Sealevel Systems SeaConnect 370W是美国Sealevel Systems公司的一款工业物联网(Iiot)边缘设备。用于远程监视和控制实际 I/O 进程的状态。 Sealevel Systems SeaConnect 370W 存在安全漏洞,该漏洞源于产品OTA update task功能未对文件写功能做有效限制。攻击者可通过专门制作的MQTT负载导致任文件覆盖。以下产品及版本受到影响:Sealevel Systems SeaConnect 370W v1.3.34。
CVSS Information
N/A
Vulnerability Type
N/A