漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability
Vulnerability Description
NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability. This vulnerability allows physically present attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of symbolic links on removable USB media. By creating a symbolic link, an attacker can abuse the router's web server to access arbitrary local files. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-19498.
CVSS Information
N/A
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
NETGEAR RAX30 安全漏洞
Vulnerability Description
NETGEAR RAX30是美国网件(NETGEAR)公司的一个双频无线路由器。 NETGEAR RAX30存在安全漏洞,该漏洞源于在处理可移动USB介质上的符号链接时存在信息泄露漏洞。
CVSS Information
N/A
Vulnerability Type
N/A