Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin/update program, which is responsible for updating the software in the HT3300 device, is given the execution mode of sudo NOPASSWD. This program is vulnerable to a command injection vulnerability, which could allow an attacker to pass commands to this program via command line arguments to gain elevated root privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sunniwell HT3300 安全漏洞
Vulnerability Description
Sunniwell HT3300是中国朝歌(Sunniwell)公司的一款瘦客户机。 Sunniwell HT3300 1.0.0.B022.2之前版本存在安全漏洞,该漏洞源于存在命令注入漏洞,攻击者可以通过命令行参数将命令传递给此程序以获取提升的root权限。
CVSS Information
N/A
Vulnerability Type
N/A