Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Dahua Smart Parking Management image server-side request forgery
Vulnerability Description
A vulnerability has been found in Dahua Smart Parking Management up to 20230528 and classified as problematic. This vulnerability affects unknown code of the file /ipms/imageConvert/image. The manipulation of the argument fileUrl leads to server-side request forgery. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230800. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Dahua Smart Parking Management 代码问题漏洞
Vulnerability Description
Dahua Smart Parking Management是中国大华(Dahua)公司的一个停车解决方案。 Dahua Smart Parking Management 20230528及之前版本存在代码问题漏洞,该漏洞源于文件/ipms/imageConvert/image的未知代码存在问题,对参数fileUrl的操作会导致服务器端请求伪造。
CVSS Information
N/A
Vulnerability Type
N/A