漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
MiniDVBLinux 5.4 Unauthenticated Configuration Download via Backup Endpoint
Vulnerability Description
MiniDVBLinux 5.4 contains an unauthenticated configuration download vulnerability that allows remote attackers to access sensitive system configuration files through a direct object reference. Attackers can exploit the backup download endpoint by sending a GET request with 'action=getconfig' to retrieve a complete system configuration archive containing sensitive credentials.
CVSS Information
N/A
Vulnerability Type
配置文件中存储口令
Vulnerability Title
MiniDVBLinux 安全漏洞
Vulnerability Description
MiniDVBLinux是德国MiniDVBLinux公司的一款多媒体中心软件。 MiniDVBLinux 5.4版本存在安全漏洞,该漏洞源于不安全的直接对象引用,可能导致配置泄露。
CVSS Information
N/A
Vulnerability Type
N/A