Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the the inbuilt Autodial function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NCH IVM Attendant 代码问题漏洞
Vulnerability Description
NCH IVM Attendant是nch的一个应用软件。用于 Windows 的完整语音邮件、呼叫服务员和 IVR 解决方案。 NCH IVM Attendant 5.12及之前版本存在安全漏洞,该漏洞源于如果将ZIP元素的路径名设置为Windows启动文件夹、内置Out-Going Message函数的文件或内置Autodial函数的文件,则可能导致代码执行。
CVSS Information
N/A
Vulnerability Type
N/A