Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Command injection vulnerability in module management function in CloudExplorer Lite
Vulnerability Description
CloudExplorer Lite is an open source, lightweight cloud management platform. Versions prior to 1.3.1 contain a command injection vulnerability in the installation function in module management. The vulnerability has been fixed in v1.3.1. There are no known workarounds aside from upgrading.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
CloudExplorer Lite 操作系统命令注入漏洞
Vulnerability Description
CloudExplorer Lite是CloudExplorer公司的提供开箱即用的云主机管理、云账单、运营分析和安全合规等基本功能,同时还可提供强大的扩展能力以满足企业的定制化需求的平台。 CloudExplorer Lite 1.3.1版本存在操作系统命令注入漏洞,该漏洞源于installation功能存在命令注入漏洞。
CVSS Information
N/A
Vulnerability Type
N/A