Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authenticated Remote Code Execution in Kiloview NDI N series products
Vulnerability Description
An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute arbitrary code remotely on the device with high privileges. This issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227 .
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Kiloview NDI多个产品 安全漏洞
Vulnerability Description
Kiloview NDI N4和Kiloview NDI N3都是中国千视(Kiloview)的产品。Kiloview NDI N4是一款多通道的NDI视频编码器。Kiloview NDI N3是一款紧凑型的NDI视频编码器。 Kiloview NDI多个产品存在安全漏洞,该漏洞源于存在操作系统命令注入漏洞,允许低权限用户在具有高权限的设备上远程执行任意代码。以下产品和版本受到影响:Kiloview NDI N3、N4、N20、N30、N40 2.02.0227之前版本。
CVSS Information
N/A
Vulnerability Type
N/A