Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data (e.g. device serial number). Having those info, a possible loginId can be self-calculated in a brute force attack against BMX interface. This is usable and part of an attack chain to gain SSH root access.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bab Technologie Gmbh BAB TECHNOLOGIE GmbH eibPort 安全漏洞
Vulnerability Description
Bab Technologie Gmbh BAB TECHNOLOGIE GmbH eibPort是德国BAB TECHNOLOGIE GmbH(Bab Technologie Gmbh)公司的一款应用于管理智能家具设备的设备。 BAB TECHNOLOGIE GmbH eibPort V3 存在安全漏洞,该漏洞源于3.9.1之前的版本允许未经身份验证的攻击者访问包含一些敏感数据(例如设备序列号)的 /tmp 路径。攻击者可利用该漏洞获得ssh的根访问权限。
CVSS Information
N/A
Vulnerability Type
N/A