Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unsanitised variable on DAL_ADD in Evolution Controller causes application level denial of service and crash
Vulnerability Description
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below does not proper sanitize user input, allowing for an unauthenticated attacker to crash the controller software
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
使用未经初始化的变量
Vulnerability Title
DirectCyber Evolution Controller 安全漏洞
Vulnerability Description
DirectCyber Evolution Controller是DirectCyber公司的一款门禁控制器软件,用于控制器对设施的物理访问。 DirectCyber Evolution Controller 2.04.560.31.03.2024 版本及之前版本存在安全漏洞,该漏洞源于 Web 界面无法正确清理用户输入,从而允许未经身份验证的攻击者使控制器软件崩溃
CVSS Information
N/A
Vulnerability Type
N/A