Missing Authentication for Critical Function vulnerability in TEM Opera Plus FM Family Transmitter

TEM Opera Plus FM Family Transmitter allows access to an unprotected endpoint that allows MPFS File System binary image upload without authentication. This file system serves as the basis for the HTTP2 web server module but is also used by the SNMP module and is available to other applications that require basic read-only storage capabilities. This can be exploited to overwrite the flash program memory that holds the web server's main interfaces and execute arbitrary code.

N/A

关键功能的认证机制缺失

TEM Opera Plus FM Family Transmitter 访问控制错误漏洞

TEM Opera Plus FM Family Transmitter是TEM公司的一种调频（FM）发射器设备。 TEM Opera Plus FM Family Transmitter 35.45版本存在访问控制错误漏洞，该漏洞源于允许访问一个未受保护的端点，该端点可以在没有认证的情况下上传MPFS文件系统的二进制镜像。

N/A

N/A