Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
使用硬编码的密码学密钥
Vulnerability Title
Milesight VPN 安全漏洞
Vulnerability Description
Milesight VPN是中国星纵物联(Milesight)公司的一个基于 Web 的 VPN 监控和管理平台。 Milesight VPN v2.0.2版本存在安全漏洞,该漏洞源于存在身份验证绕过漏洞,特制的网络请求可能会导致身份验证绕过。
CVSS Information
N/A
Vulnerability Type
N/A