漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Information disclosure, tampering, deletion and destruction vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules
Vulnerability Description
Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure, tampering, deletion or destruction via file upload/download. As a result, the attacker may be able to exploit this for further attacks.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Mitsubishi Electric MELSEC 代码问题漏洞
Vulnerability Description
Mitsubishi Electric MELSEC iQ-R series和Mitsubishi Electric MELSEC iQ-F series都是日本三菱电机(Mitsubishi Electric)公司的一款可编程逻辑控制器。 Mitsubishi Electric MELSEC存在安全漏洞,该漏洞源于对上传文件的验证不充分。攻击者利用该漏洞通过文件上传或下载进行篡改、删除或破坏。以下产品受到影响:Mitsubishi Electric Corporation MELSEC iQ-R Ser
CVSS Information
N/A
Vulnerability Type
N/A