Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hirschmann HiEOS Authentication Bypass via HTTP Management Module
Vulnerability Description
Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTP(S) requests. Attackers can exploit improper authentication handling to obtain elevated privileges and perform unauthorized actions including configuration download or upload and firmware modification.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
认证机制不恰当
Vulnerability Title
Belden Hirschmann HiEOS LRS11 安全漏洞
Vulnerability Description
Belden Hirschmann HiEOS LRS11是美国Belden公司的一款工业以太网交换机操作系统平台。 Belden Hirschmann HiEOS LRS11 01.1.00之前版本存在安全漏洞,该漏洞源于HTTP(S)管理模块身份验证处理不当,可能导致未经身份验证的远程攻击者获得管理访问权限。
CVSS Information
N/A
Vulnerability Type
N/A