漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Unauthenticated Factory Reset Vulnerability
Vulnerability Description
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated vulnerability in the /usr/cgi-bin/restorefactory.cgi endpoint that allows remote attackers to reset device configuration. Attackers can send a POST request to the endpoint with specific data to trigger a factory reset and bypass authentication, gaining full system control.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
SOUND4多款产品 访问控制错误漏洞
Vulnerability Description
SOUND4 IMPACT等都是法国SOUND4公司的产品。SOUND4 IMPACT是一款专业广播音频处理器。SOUND4 FIRST是一款广播用的音频处理器。SOUND4 PULSE是一款音频处理器。 SOUND4多款产品存在访问控制错误漏洞,该漏洞源于restorefactory.cgi端点可能导致设备配置重置。以下版本受到影响:SOUND4 IMPACT、SOUND4 FIRST和SOUND4 PULSE。
CVSS Information
N/A
Vulnerability Type
N/A