Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell NetWorker 19.6.1.2, contains an OS command injection Vulnerability in the NetWorker client. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. This is a high severity vulnerability as the exploitation allows an attacker to take complete control of a system, so Dell recommends customers to upgrade at the earliest opportunity.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
Dell NetWorker 操作系统命令注入漏洞
Vulnerability Description
Dell NetWorker是美国戴尔(Dell)公司的一个应用程序。提供戴尔公司的论坛讨论功能。 Dell NetWorker 19.6.1.2版本存在操作系统命令注入漏洞。攻击者利用该漏洞在应用程序的底层操作系统上执行任意操作系统命令,并获得特权。
CVSS Information
N/A
Vulnerability Type
N/A