Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A code injection vulnerability that allows a low-privileged user with REST API access granted to remotely upload arbitrary files to the VSPC server using REST API, leading to remote code execution on VSPC server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Veeam Service Provider Console 安全漏洞
Vulnerability Description
Veeam Service Provider Console是美国Veeam公司的一个支持云的平台。 Veeam Service Provider Console 8.0.0.19552 版本及之前的 8 版本存在安全漏洞,该漏洞源于包含一个代码注入漏洞,允许具有REST API访问权限的低权限用户使用REST API远程将任意文件上传到VSPC服务器,从而导致VSPC服务器上的远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A