Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Protection Mechanism for Alternate Hardware Interface
Vulnerability Description
The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgrade function.
CVSS Information
N/A
Vulnerability Type
CWE-1299
Vulnerability Title
Rittal IoT Interface & CMC III Processing Unit 安全漏洞
Vulnerability Description
Rittal IoT Interface & CMC III Processing Unit是德国Rittal公司的一个用于监控物理环境条件的传感器智能联网的关键组件。 Rittal IoT Interface & CMC III Processing Unit 6.21.00.2之前版本存在安全漏洞,该漏洞源于设备直接在USB上执行 .patch 固件升级文件,而无需在管理界面中进行任何事先身份验证,导致通过固件升级功能执行未经身份验证的代码。
CVSS Information
N/A
Vulnerability Type
N/A