Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the writing of arbitrary files to a user-controlled location on the remote filesystem (with user-controlled content) via directory traversal, potentially leading to remote code and command execution.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
JUMP 路径遍历漏洞
Vulnerability Description
JUMP是法国JUMP公司的一个资产管理解决方案。 JUMP AMS 3.6.0.04.009-2487版本存在路径遍历漏洞,该漏洞源于应用允许通过目录遍历将任意文件写入远程文件系统上用户控制的位置(具有用户控制的内容),这可能导致远程代码和命令执行。
CVSS Information
N/A
Vulnerability Type
N/A