Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Remote Code Execution in all versions of various RAD-ISM-900-EN-* devices by PHOENIX CONTACT
Vulnerability Description
On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the traceroute utility integrated in the WebUI to execute arbitrary code with root privileges on the OS due to an improper input validation in all versions of the firmware.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
PHOENIX CONTACT RAD-ISM-900-EN-* 输入验证错误漏洞
Vulnerability Description
PHOENIX CONTACT RAD-ISM-900-EN-*是德国PHOENIX CONTACT公司的一系列无线模块以太网收发器。 PHOENIX CONTACT 的 RAD-ISM-900-EN-* 设备存在输入验证错误漏洞,该漏洞源于输入验证不正确。攻击者利用该漏洞使用 WebUI 中集成的 traceroute 程序在操作系统上以 root 权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A