Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ChangingTec MegaServiSignAdapter - Improper Input Validation
Vulnerability Description
ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER subkey (ex: AutoRUN) in Registry where malicious scripts can be executed to take control of the system or to terminate the service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Changingtec ServiSign 输入验证错误漏洞
Vulnerability Description
Changingtec ServiSign是中国台湾全景软件(Changingtec)公司的一个系统。该系统提供了数字签名和验证的跨平台解决方案。 ChangingTech MegaServiSignAdapter存在输入验证错误漏洞,该漏洞源于存在输入验证不当,未经身份验证的远程攻击者利用此漏洞可以访问和修改注册表中的HKEY_CURRENT_USER子项,从而执行恶意脚本来控制系统或终止服务。
CVSS Information
N/A
Vulnerability Type
N/A