Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Digi ConnectPort X2D
Vulnerability Description
An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
带着不必要的权限执行
Vulnerability Title
Digi ConnectPort X2D 安全漏洞
Vulnerability Description
Digi ConnectPort X2D是美国Digi公司的一款小型网关。可提供射频设备和传感器网络的低成本 IP 网络。 Digi ConnectPort X2D 存在安全漏洞,该漏洞源于web应用程序缺乏设备访问保护和设备权限控制导致攻击者可能会上传python文件,然后执行这些文件。以下版本受到影响:2020年1月之前制造的设备中的所有固件版本。
CVSS Information
N/A
Vulnerability Type
N/A