Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N-Reporter and N-Cloud from N-Partner - Os Command Injection
Vulnerability Description
N-Reporter and N-Cloud, products of the N-Partner, have an OS Command Injection vulnerability. Remote attackers with normal user privilege can execute arbitrary system commands by manipulating user inputs on a specific page.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
N-Partner N-Reporter 操作系统命令注入漏洞
Vulnerability Description
N-Partner N-Reporter是中国N-Partner公司的一个事件查询与报表系统。 N-Reporter和N-Cloud 6.1.187 (20240216-1603)之前版本存在操作系统命令注入漏洞,该漏洞源于存在操作系统命令注入漏洞。攻击者可利用该漏洞执行任意系统命令。
CVSS Information
N/A
Vulnerability Type
N/A