Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ifm: Reading function in Smart PLC allows command injections
Vulnerability Description
A remote attacker with high privileges may use a reading file function to inject OS commands.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
ifm electronic Smart PLC AC14xx 和Smart PLC AC4xxS 操作系统命令注入漏洞
Vulnerability Description
ifm electronic Smart PLC AC14xx和ifm electronic Smart PLC AC4xxS都是德国易福门电子(ifm electronic)公司的一系列主机/网关。 ifm electronic Smart PLC AC14xx和Smart PLC AC4xxS 4.3.17及之前版本存在操作系统命令注入漏洞,该漏洞源于具有高权限的远程攻击者可能会使用读取文件功能来注入操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A