Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SUNNET WMPro - Command Injection
Vulnerability Description
SUNNET WMPro portal's file management function has a vulnerability of insufficient filtering for user input. A remote attacker with administrator privilege or a privileged account can exploit this vulnerability to inject and execute arbitrary system commands to perform arbitrary system operations or disrupt service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
SUNNET WMPro 操作系统命令注入漏洞
Vulnerability Description
旭联科技 SUNNET WMPro是中国台湾旭联科技公司的一套线上学习平台。 SUNNET WMPro V5版本存在操作系统命令注入漏洞,该漏洞源于file management功能对用户输入过滤不充分,导致存在操作系统命令注入漏洞。
CVSS Information
N/A
Vulnerability Type
N/A