Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading VxLAN configurations. This could allow an authenticated attacker to execute arbitrary code with root privileges.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Siemens SINEMA Remote Connect Server 命令注入漏洞
Vulnerability Description
Siemens SINEMA Remote Connect Server是德国西门子(Siemens)公司的一套远程网络管理平台。该平台主要用于远程访问、维护、控制和诊断底层网络。 Siemens SINEMA Remote Connect Server V3.2 HF1 版本之前存在命令注入漏洞,该漏洞源于加载 VxLAN 配置时缺少服务器端输入清理,受影响的应用程序容易受到命令注入攻击。这可能允许经过身份验证的攻击者以 root 权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A