Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
wfh45678 Radar Interface authorization
Vulnerability Description
A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue affects some unknown processing of the component Interface Handler. The manipulation with the input /../ leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This appears not to be a path traversal weakness. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Radar 安全漏洞
Vulnerability Description
Radar(风控引擎)是feihu.wang个人开发者的一款轻量级实时风控引擎。 wfh45678 Radar 1.0.8及之前版本存在安全漏洞,该漏洞源于组件Interface Handler对输入/…/的操作会导致授权绕过。
CVSS Information
N/A
Vulnerability Type
N/A