Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AUVESY Versiondog
Vulnerability Description
Many of the services used by the affected product do not specify full paths for the DLLs they are loading. An attacker can exploit the uncontrolled search path by implanting their own DLL near the affected product’s binaries, thus hijacking the loaded DLL.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
AUVESY Versiondog 代码问题漏洞
Vulnerability Description
AUVESY Versiondog是德国AUVESY公司的一款自动化生产数据和变更管理软件解决方案。 AUVESY Versiondog 存在代码问题漏洞,该漏洞源于受影响产品使用的许多服务没有为其加载的 DLL 指定完整路径。 攻击者可以通过在受影响产品的二进制文件附近植入自己的 DLL 来利用不受控制的搜索路径,从而劫持加载的 DLL。
CVSS Information
N/A
Vulnerability Type
N/A