Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Certain NetModule devices allow credentials via GET parameters to CLI-PHP. These models with firmware before 4.3.0.113, 4.4.0.111, and 4.5.0.105 are affected: NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, and NB3800.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NetModule Router Software 日志信息泄露漏洞
Vulnerability Description
NetModule Router Software是NetModule的一款路由器。 NetModule Router Software 存在安全漏洞,该漏洞源于接口支持一个可选的“CLI-PHP”功能,它本质上是一个PHP webshell,需要身份验证并且可以发送凭据作为 GET 参数,由于 GET 参数是 URL 的一部分,而 URL 是频繁存储,这可能使有权访问此类日志的攻击者采取在使用的帐户上。
CVSS Information
N/A
Vulnerability Type
N/A