漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate user input to the ```ssmctl-client``` command. This could allow an authenticated, lowly privileged remote attacker to execute arbitrary code with root privileges on the underlying OS.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
参数注入或修改
Vulnerability Title
Siemens SINEC Security Monitor 参数注入漏洞
Vulnerability Description
Siemens SINEC Security Monitor是德国西门子(Siemens)公司的一个工业安防监控器。 Siemens SINEC Security Monitor V4.9.0版本之前存在参数注入漏洞,该漏洞源于受影响的应用程序未正确验证用户对 ssmctl-client 命令的输入。
CVSS Information
N/A
Vulnerability Type
N/A