Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker logged in with a user level account to gain higher privileges by providing a harmful serialized object.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Schneider Electric Easergy Studio 代码问题漏洞
Vulnerability Description
Schneider Electric Easergy Studio是法国施耐德电气(Schneider Electric)公司的一款用于设置和配置的IED支持软件。 Schneider Electric Easergy Studio v9.3.5之前版本存在代码问题漏洞,该漏洞源于存在不受信任数据反序列化,可能允许攻击者使用用户级帐户登录,并通过提供有害的序列化来获得更高的权限。
CVSS Information
N/A
Vulnerability Type
N/A