漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Zillya Total Security 3.0.2367.0 Local Privilege Escalation via Quarantine Module
Vulnerability Description
Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted directories, potentially enabling system-level access through techniques like DLL hijacking.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
Zillya Total Security 安全漏洞
Vulnerability Description
Zillya Total Security是乌克兰Zillya公司的一款网络安全防护套件。 Zillya Total Security 3.0.2367.0版本存在安全漏洞,该漏洞源于隔离模块存在权限提升问题,可能导致低权限用户将文件复制到未经授权的系统位置。
CVSS Information
N/A
Vulnerability Type
N/A