Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Italtel NetMatch-S CI 5.2.0-20211008 allows Absolute Path Traversal under NMSCI-WebGui/SaveFileUploader. An unauthenticated user can upload files to an arbitrary path. An attacker can change the uploadDir parameter in a POST request (not possible using the GUI) to an arbitrary directory. Because the application does not check in which directory a file will be uploaded, an attacker can perform a variety of attacks that can result in unauthorized access to the server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Italtel NetMatch-S CI 路径遍历漏洞
Vulnerability Description
Italtel NetMatch-S CI是Italtel公司的第一个“云内”SBC,根据新兴的 IT 实践和电信规范 (NFV),专为在数据中心/云环境中部署而设计。 Italtel NetMatch-S CI 5.2.0-20211008版本存在安全漏洞,该漏洞源于存在绝对路径遍历,未经身份验证的用户可以将文件上传到任意路径,从而导致对服务器的未授权访问。
CVSS Information
N/A
Vulnerability Type
N/A