Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HiSecOS 04.0.01 Privilege Escalation via User Role Modification
Vulnerability Description
HiSecOS 04.0.01 contains a privilege escalation vulnerability that allows authenticated users to modify their access role through XML-based NETCONF configuration. Attackers can send crafted XML payloads to the /mops_data endpoint with a specific role value to elevate their user privileges to administrative level.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
特权管理不恰当
Vulnerability Title
Belden HiSecOS 安全漏洞
Vulnerability Description
Belden HiSecOS是美国百通(Belden)公司的一套用于工业安全路由器的操作系统。 Belden HiSecOS 04.0.01版本存在安全漏洞,该漏洞源于XML配置处理不当,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A