Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Mesa Labs AmegaView Command Injection
Vulnerability Description
Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be exploited to execute commands in the web server.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
MesaLabs AmegaView 命令注入漏洞
Vulnerability Description
MesaLabs AmegaView是美国MesaLabs公司的一个连续监测系统(CMS)。具有5个基本硬件组件。这些组件是探针,无线发射器,网关,拨号器和服务器。 MesaLabs AmegaView 3.0版本及之前版本存在命令注入漏洞,该漏洞源于系统中的密码由一种易于逆转的算法生成、并存在使用默认Cookie可绕过身份验证、命令注入的情况。攻击者可通过该漏洞远程执行代码或允许访问设备。
CVSS Information
N/A
Vulnerability Type
N/A