Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Connected IO v2.1.0 and prior has a command as part of its communication protocol allowing the management platform to specify arbitrary OS commands for devices to execute. Attackers abusing this dangerous functionality may issue all devices OS commands to execute, resulting in arbitrary remote command execution.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Connected IO 操作系统命令注入漏洞
Vulnerability Description
Connected IO是美国Connected IO公司的一款领先的硬件、软件和基于云的物联网和机器对机器解决方案 Connected IO v2.1.0 版本之前存在安全漏洞,该漏洞源于有一个命令作为其通信协议的一部分,允许管理平台指定任意操作系统命令供设备执行。
CVSS Information
N/A
Vulnerability Type
N/A