Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the device with root privileges. An authenticated malicious threat actor can use this page to fully compromise the device.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Airspan AirSpot 5410 安全漏洞
Vulnerability Description
Airspan AirSpot 5410是美国Airspan公司的一款先进的 LTE、CAT12、户外、多服务产品。 Airspan AirSpot 5410 0.3.4.1-4及以前版本存在安全漏洞,该漏洞源于经过身份验证的攻击者可以利用固件中隐藏的系统命令网页在设备上以root权限执行Linux命令实现完全控制设备。
CVSS Information
N/A
Vulnerability Type
N/A