漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Improper Neutralization of Special Elements used in an SQL Command
Vulnerability Description
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploitation of this vulnerability can allow attackers to add users in the data base.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Eaton Intelligent Power Manager SQL注入漏洞
Vulnerability Description
Eaton Intelligent Power Manager(IPM)是美国Eaton公司的一款智能电源管理器,它支持从界面远程监视和管理网络中的多个设备。 Eaton Intelligent Power Manager 1.69 之前版本存在SQL注入漏洞,该漏洞容易受到经过身份验证的SQL注入的攻击,攻击者可利用该漏洞在数据库中添加用户。
CVSS Information
N/A
Vulnerability Type
N/A