Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ICSA-22-062-01 IPCOMM ipDIO
Vulnerability Description
The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the web section where the information is displayed. Injection can be done on specific parameters. The injected code is executed when a legitimate user attempts to upload, copy, download, or delete an existing configuration (Administrative Services).
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
IPCOMM ipDIO 安全漏洞
Vulnerability Description
IPCOMM ipDIO是德国IPCOMM公司的一种遥控通信设备。用于记录数字和模拟输入并控制数字输出。 IPCOMM ipDIO 存在安全漏洞,该漏洞源于在易受攻击设备的 Web 应用程序中加载某些部分时没有过滤器,攻击者可以注入恶意代码,当合法用户访问显示信息的 Web 部分时,这些代码将被解释。
CVSS Information
N/A
Vulnerability Type
N/A