Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the gedtupdater service of the firmware allows remote attackers to execute arbitrary system commands with root privileges via a crafted filename parameter in POST requests to the /api/updater/ctrl/start_update endpoint.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Indu-Sol PROFINET-INspektor NT 安全漏洞
Vulnerability Description
Indu-Sol PROFINET-INspektor NT是德国Indu-Sol公司的一个用于 PROFINET 通信验证、验收、质量检查和监控的分析和测试装置。 Indu-Sol PROFINET-INspektor NT 2.4.0及之前版本存在安全漏洞,该漏洞源于gedtupdater服务中存在命令注入漏洞,攻击者可以通过向/api/updater/ctrl/start_update端点发出POST请求,以root权限执行任意系统命令。
CVSS Information
N/A
Vulnerability Type
N/A