Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Incorrect default permissions in Cradlepoint NetCloud Exchange
Vulnerability Description
The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder permissions vulnerability. A normal (non-admin) user could exploit the weakness in file and folder permissions to escalate privileges, execute arbitrary code and maintain persistence on the compromised machine. It has been identified that full control permissions exist on the ‘Everyone’ group (i.e. any user who has local access to the operating system regardless of their privileges).
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
缺省权限不正确
Vulnerability Title
Ericsson Cradlepoint NetCloud Exchange 安全漏洞
Vulnerability Description
Ericsson Cradlepoint NetCloud Exchange(NCX)是瑞典爱立信(Ericsson)公司的一种统一的 WAN 网络和安全架构。 Ericsson Cradlepoint NetCloud Exchange 1.110.50版本存在安全漏洞,该漏洞源于存在不安全的文件和文件夹权限漏洞,导致攻击者可以提升权限、执行任意代码并在受感染的计算机上保持持久性。
CVSS Information
N/A
Vulnerability Type
N/A