Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SmartBPM.NET - Use of Hard-Coded Credentials - 1
Vulnerability Description
SmartSoft SmartBPM.NET has a vulnerability of using hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code and disrupt service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
SmartSoft SmartBPM.NET 信任管理问题漏洞
Vulnerability Description
SmartSoft SmartBPM.NET是中国慧智科技(SmartSoft)公司的一个企业流程管理平台。 SmartSoft SmartBPM.NET 存在信任管理问题漏洞,该漏洞源于使用硬编码机器密钥。
CVSS Information
N/A
Vulnerability Type
N/A