Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TERUTEN WebCube update remote code execution vulnerability
Vulnerability Description
The vulnerability causing from insufficient verification procedures for downloaded files during WebCube update. Remote attackers can bypass this verification logic to update both digitally signed and unauthorized files, enabling remote code execution.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
源验证错误
Vulnerability Title
TERUTEN WebCube 访问控制错误漏洞
Vulnerability Description
TERUTEN WebCube是韩国TERUTEN公司的一种网络浏览器安全解决方案。可防止非法使用网站的各种组成元素。 TERUTEN WebCube 1.0.5.5 到 1.2.0.0 版本存在安全漏洞,该漏洞源于更新期间下载文件验证程序不充分,远程攻击者利用该漏洞可以绕过此验证逻辑来更新数字签名和未经授权的文件,从而实现远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A