Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Belden HiSecOS Web Server Privilege Escalation
Vulnerability Description
HiSecOS web server versions 03.4.00 prior to 04.1.00 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
特权管理不恰当
Vulnerability Title
Belden HiSecOS 安全漏洞
Vulnerability Description
Belden HiSecOS是美国百通(Belden)公司的一套用于工业安全路由器的操作系统。 Belden HiSecOS 04.1.00之前版本存在安全漏洞,该漏洞源于向Web服务器发送特制数据包时存在权限提升漏洞,可能导致具有操作员或审计员角色的用户提升至管理员角色。
CVSS Information
N/A
Vulnerability Type
N/A