Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Lansweeper 路径遍历漏洞
Vulnerability Description
Lansweeper是比利时Lansweeper公司的一套IT资产管理系统。该系统包括IT资产发现、网络设置扫描等功能。 Lansweeper AssetActions存在路径遍历漏洞。攻击者利用该漏洞通过特制的HTTP请求上传任意文件。
CVSS Information
N/A
Vulnerability Type
N/A