Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CVE-2023-0432
Vulnerability Description
The web configuration service of the affected device contains an authenticated command injection vulnerability. It can be used to execute system commands on the operating system (OS) from the device in the context of the user "root." If the attacker has credentials for the web service, then the device could be fully compromised.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Delta Electronics DX-2100 Series 跨站脚本漏洞
Vulnerability Description
Delta Electronics DX-2100 Series是中国台达电子(Delta Electronics)公司的一款路由器。 Delta Electronics DX-2100-L1-CN 1.5.0.10版本存在安全漏洞,该漏洞源于Web配置服务中的“net diagnosis”函数存在安全问题,导致在用户会话的上下文中被利用,攻击者利用该漏洞可以执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A