Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A format string issue in the Controller 6000's optional diagnostic web interface can be used to write/read from memory, and in some instances crash the Controller 6000 leading to a Denial of Service. This issue affects: Gallagher Controller 6000 8.60 prior to vCR8.60.231116a (distributed in 8.60.2550 (MR7)), all versions of 8.50 and prior.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
使用外部控制的格式字符串
Vulnerability Title
Gallagher Controller 6000 格式化字符串错误漏洞
Vulnerability Description
Gallagher Controller 6000是新西兰Gallagher公司的一个 Gallagher 命令中心服务器和分布式现场硬件之间的接口。 Gallagher Controller 6000 vCR8.60.231116a 之前版本、8.50 及之前版本存在格式化字符串错误漏洞,该漏洞源于diagnostic Web 界面中的格式字符串问题可用于从内存中写入或读取,在某些情况下会使 Controller 6000 崩溃,从而导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A