Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Chcnav - P5E GNSS Information disclosure
Vulnerability Description
Disclosure of information - the system allows you to view usernames and passwords without permissions, thus it will be possible to enter the system. Path access: http://api/sys_username_passwd.cmd - The server loads the request clearly by default. Disclosure of hard-coded credit information within the JS code sent to the customer within the Login.js file is a strong user (which is not documented) and also the password, which allow for super-user access. Username: chcadmin, Password: chcpassword.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
Chcnav P5E GNSS 信任管理问题漏洞
Vulnerability Description
Chcnav P5E GNSS是Chcnav公司的全球定位系统。 Chcnav P5E GNSS 存在信任管理问题漏洞,该漏洞源于允许在没有权限的情况下查看用户名和密码,攻击者利用该漏洞从而有可能进入系统。
CVSS Information
N/A
Vulnerability Type
N/A