Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenOrange Business Framework version 1.15.5 installs to a directory with overly permissive access control, allowing all authenticated users to write to the installation path. In combination with the application's behavior of loading DLLs from this location, this allows for DLL hijacking and may result in arbitrary code execution and privilege escalation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenOrange Business Framework 安全漏洞
Vulnerability Description
OpenOrange Business Framework是OpenOrange公司的一个业务应用框架。 OpenOrange Business Framework 1.15.5版本存在安全漏洞,该漏洞源于向非特权用户提供对安装目录的写访问权限。
CVSS Information
N/A
Vulnerability Type
N/A