目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2021-31888 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
不恰当的空终结符
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Siemens Nucleus ReadyStart 缓冲区错误漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Siemens Nucleus ReadyStart是德国Siemens公司的一个捆绑式解决方案。用于加速完整系统的快速启动并提供丰富的板级支持包 (Bsp) Siemens Nucleus ReadyStart 存在缓冲区错误漏洞,该漏洞源于 FTP 服务器没有正确验证 MKD/XMKD 命令的长度,导致基于堆栈的缓冲区溢出。这可能会导致拒绝服务条件和远程代码执行。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
SiemensAPOGEE MBC (PPC) (BACnet) All versions -
SiemensAPOGEE MBC (PPC) (P2 Ethernet) All versions -
SiemensAPOGEE MEC (PPC) (BACnet) All versions -
SiemensAPOGEE MEC (PPC) (P2 Ethernet) All versions -
SiemensAPOGEE PXC Compact (BACnet) All versions < V3.5.4 -
SiemensAPOGEE PXC Compact (P2 Ethernet) All versions < V2.8.19 -
SiemensAPOGEE PXC Modular (BACnet) All versions < V3.5.4 -
SiemensAPOGEE PXC Modular (P2 Ethernet) All versions < V2.8.19 -
SiemensDesigo PXC00-E.D All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXC00-U All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXC001-E.D All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXC100-E.D All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXC12-E.D All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXC128-U All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXC200-E.D All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXC22-E.D All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXC22.1-E.D All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXC36.1-E.D All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXC50-E.D All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXC64-U All versions >= V2.3 and < V6.30.016 -
SiemensDesigo PXM20-E All versions >= V2.3 and < V6.30.016 -
SiemensNucleus NET All versions -
SiemensNucleus ReadyStart V3 All versions < V2017.02.4 -
SiemensNucleus Source Code All versions -
SiemensTALON TC Compact (BACnet) All versions < V3.5.4 -
SiemensTALON TC Modular (BACnet) All versions < V3.5.4 -
二、漏洞 CVE-2021-31888 的公开POC
#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2021-31888 的情报信息
Please 登录 to view more intelligence information
IV. Related Vulnerabilities
Same product: APOGEE MBC (PPC) (BACnet)
Same vendor: Siemens
Same weakness: CWE-170
V. Comments for CVE-2021-31888

暂无评论

发表评论