Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of improper privilege management, an authenticated attacker is able to create symlinks to sensitive and protected data in locations that are used for debugging files. Given that the process of gathering debug logs is carried out with root privileges, any file referenced in the symlink is consequently written to the debug archive, thereby granting accessibility to the attacker.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Alcatel-Lucent ALE NOE 安全漏洞
Vulnerability Description
Alcatel-Lucent ALE NOE是阿尔卡特朗讯(Alcatel-Lucent)公司的一款台式电话。 Alcatel-Lucent ALE NOE 86x8_NOE-R300.1.40.07.4140、86x8_SIP-R200.1.01.10.728版本存在安全漏洞,该漏洞源于权限管理不当,经过身份验证的攻击者能够在用于调试文件的位置创建指向敏感和受保护数据的符号链接。
CVSS Information
N/A
Vulnerability Type
N/A