Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Dell Hybrid Client 安全漏洞
Vulnerability Description
Dell Hybrid Client是美国戴尔(Dell)公司的一个应用软件。提供一个具有混合云管理功能的客户端计算软件。 Dell Hybrid Client 1.8 版本之前存在安全漏洞,该漏洞源于在 UI 中包含一个 Zip Bomb 漏洞。来宾特权攻击者可能会利用此漏洞,导致系统文件被修改。
CVSS Information
N/A
Vulnerability Type
N/A