漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Western Digital EdgeRover before 0.25 has an escalation of privileges vulnerability where a low privileged user could load malicious content into directories with higher privileges, because of how Node.js is used. An attacker can gain admin privileges and carry out malicious activities such as creating a fake library and stealing user credentials.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Western Digital EdgeRover 安全漏洞
Vulnerability Description
Western Digital EdgeRover是美国西部数据(Western Digital)公司的一款个人内容应用程序。 Western Digital EdgeRover 0.25版本之前存在安全漏洞,该漏洞源于Node.js的使用方式,低特权用户可能会将恶意内容加载到具有更高特权的目录中。攻击者可利用该漏洞获得管理员特权,并执行恶意活动,如创建假库和窃取用户凭证。
CVSS Information
N/A
Vulnerability Type
N/A