Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OS Command Injection
Vulnerability Description
An unauthenticated attacker with network access to the affected device's web interface can execute any system command via the "msg_events.php" script as the www-data user. The HTTP GET parameter "data" is not properly sanitized.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Image Access Scan2Net 安全漏洞
Vulnerability Description
Image Access Scan2Net是德国Image Access公司的一款扫描软件。 Image Access Scan2Net 7.40及之前版本、7.42及之前版本和7.42B之前版本存在安全漏洞,该漏洞源于HTTP GET参数data清理不当,攻击者可以通过网络访问受影响设备的 Web 界面,以 www-data 用户身份可以执行任何系统命令。
CVSS Information
N/A
Vulnerability Type
N/A