Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tibbo AggreGate Network Manager Unrestricted Upload of File with Dangerous Type
Vulnerability Description
There is an unrestricted file upload vulnerability where it is possible for an authenticated user (low privileged) to upload an jsp shell and execute code with the privileges of user running the web server.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Tibbo AggreGate Network Manager 代码问题漏洞
Vulnerability Description
Tibbo AggreGate Network Manager是Tibbo公司的一个网络监控和 IT 管理平台。 Tibbo AggreGate Network Manager 6.34.02版本及之前版本存在代码问题漏洞,该漏洞源于文件上传不受限制。攻击者利用该漏洞可以上传 jsp shell 并以运行 Web 服务器的用户的权限执行代码。
CVSS Information
N/A
Vulnerability Type
N/A