Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS December 2020 (2012_lts) allows remote code execution by injecting PHP code into settings.php. Attacks can use the PWS_printfile.php, PWS_frame_text.php, PWS_listfile.php, PWS_winter.php, and PWS_easyweathersetup.php endpoints. A contributing factor is a hardcoded login password of support, which is not documented. (This is not the same as the documented setup password, which is 12345.) The issue was fixed in late 2022.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Personal Weather Station Dashboard 信任管理问题漏洞
Vulnerability Description
Personal Weather Station Dashboard(PWS_Dashboard)是PWS_Dashboard开源的一个数据丰富的天气仪表板。 Personal Weather Station Dashboard存在安全漏洞。攻击者利用该漏洞通过将PHP代码注入到settings.php来执行远程代码。
CVSS Information
N/A
Vulnerability Type
N/A