Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Dell Edge Gateway 操作系统命令注入漏洞
Vulnerability Description
Dell Edge Gateway是美国戴尔(Dell)公司的一系列智能网关设备。旨在聚合、保护、分析和中继来自网络边缘各种传感器和设备的数据。 Dell Edge Gateway 5200 (EGW) 1.03.10之前的版本存在安全漏洞,攻击者利用该漏洞可以在 SMM 期间执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A