Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Elsight – Elsight Halo Remote Code Execution (RCE)
Vulnerability Description
Elsight – Elsight Halo Remote Code Execution (RCE) Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Elsight Halo 安全漏洞
Vulnerability Description
Elsight Halo是Elsight公司的无人机运营管理。 Elsight Halo 存在安全漏洞,该漏洞源于通过 POST 请求访问 /api/v1/nics/wifi/wlan0/ping 页面可以使用 DESTINATION 参数远程执行代码。
CVSS Information
N/A
Vulnerability Type
N/A