漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Session Smart Router: Authentication Bypass Vulnerability
Vulnerability Description
The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code. This issue affects all Juniper Networks 128 Technology Session Smart Router versions prior to 4.5.11, and all versions of 5.0 up to and including 5.0.1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
认证机制不恰当
Vulnerability Title
128 Technology Session Smart Router 授权问题漏洞
Vulnerability Description
128 Technology Session Smart Router是一个路由器。 128 Technology Session Smart Router 中存在授权问题漏洞,该漏洞源于产品在处理身份验证请求时发生错误。攻击者可通过该漏洞绕过认证并使用root权限执行任意系统命令。以下产品及版本受到影响:128 Technology Session Smart Router 4.4, 5.0.1 版本。
CVSS Information
N/A
Vulnerability Type
N/A