Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Web UI OS Command Injection in Brivo ACS100, ACS300
Vulnerability Description
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Brivo ACS100、ACS300 安全漏洞
Vulnerability Description
Brivo Access Control Systems(Brivo ACS)是美国Brivo公司的一系列访问控制系统。提供全面的可见性、数据驱动的洞察、访问控制和开放集成,以改善安全运营。 Brivo ACS100、ACS300 5.2.4 到 6.2.4.3版本存在安全漏洞,该漏洞源于操作系统命令中使用的特殊元素的不正确中和,允许操作系统命令注入。
CVSS Information
N/A
Vulnerability Type
N/A