Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Genian NAC remote code execution vulnerability
Vulnerability Description
An remote code execution vulnerability due to SSTI vulnerability and insufficient file name parameter validation was discovered in Genian NAC. Remote attackers are able to execute arbitrary malicious code with SYSTEM privileges on all connected nodes in NAC through this vulnerability.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Genians Genian NAC 代码注入漏洞
Vulnerability Description
Genians Genian NAC是韩国Genians公司的一款网络安全和访问控制软件。可帮助企业识别启用 IP 的设备、管理漏洞并检查设备配置以保护网络访问环境。 Genian NAC V5.0 Genian NAC Suite V5.0 Genian NAC Suite V4.0存在代码注入漏洞,该漏洞源于软件中文明名参数验证不足。攻击者可以利用该漏洞在 NAC 中的所有连接节点上执行具有 SYSTEM 权限的任意恶意代码。
CVSS Information
N/A
Vulnerability Type
N/A