漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MFileUploadController class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-12124.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
NETGEAR ProSAFE Network Management System 代码问题漏洞
Vulnerability Description
Netgear NETGEAR是美国网件(Netgear)公司的一款路由器。连接两个或多个网络的硬件设备,在网络间起网关的作用。 NETGEAR ProSAFE Network Management System 存在代码问题漏洞,该漏洞源于在文件操作中使用用户提供的路径之前没有对其进行适当的验证。
CVSS Information
N/A
Vulnerability Type
N/A