Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is BSECV-2022-21.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Hirschmann BAT-C2 安全漏洞
Vulnerability Description
Hirschmann BAT-C2是德国赫斯曼(Hirschmann)公司的一款无线接入点。 Hirschmann BAT-C2 09.13.01.00R04之前版本存在安全漏洞,该漏洞源于网络服务器中FsCreateDir Ajax函数的dir参数没有得到充分的处理,这允许认证的攻击者向系统的外壳传递命令,进行命令注入。
CVSS Information
N/A
Vulnerability Type
N/A