Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with root privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
StarWind SAN & NAS 安全漏洞
Vulnerability Description
StarWind SAN & NAS是StarWind的独立管理程序服务器或服务器组。 StarWind SAN & NAS v0.2 build 1914 存在安全漏洞,攻击者利用该漏洞可导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A