漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Privilege escalation in Arista Wireless Access Points
Vulnerability Description
This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the ability to authenticate via SSH to an affected AP as the “config” user is able to cause a privilege escalation via spawning a bash shell. The SSH CLI session does not require high permissions to exploit this vulnerability, but the config password is required to establish the session. The spawned shell is able to obtain root privileges.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Arista Wireless Access Points 安全漏洞
Vulnerability Description
Arista Wireless Access Points是Arista公司的一款三射频 802.11ax 接入点。 Arista Wireless Access Points存在安全漏洞,该漏洞源于任何能够通过 SSH 且以配置用户身份对受影响 AP 进行身份验证的实体都能够通过生成 bash shell 来提升权限。
CVSS Information
N/A
Vulnerability Type
N/A