Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Devices using Snap One OvrC cloud are sent to a web address when accessing a web management interface using a HTTP connection. Attackers could impersonate a device and supply malicious information about the device’s web server interface. By supplying malicious parameters, an attacker could redirect the user to arbitrary and dangerous locations on the web.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
Snap One OvrC Cloud 存在输入验证错误漏洞
Vulnerability Description
Snap One OvrC是美国Snap One公司的一款基于云的免费远程管理和监控平台。 Snap One OvrC Cloud存在输入验证错误漏洞,该漏洞源于URL重定向到不受信任的站点,攻击者利用该漏洞可以将用户重定向到Web上的任意危险位置。
CVSS Information
N/A
Vulnerability Type
N/A