Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relies on multiple parameters belonging to the "mp_apply" API which are not properly sanitized before being concatenated to OS level commands.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Advantech EKI-6333AC-2G和Advantech EKI-6333AC-2GD 安全漏洞
Vulnerability Description
Advantech EKI-6333AC-2G和Advantech EKI-6333AC-2GD都是中国研华(Advantech)公司的一款工业级 无线接入点(AP)。 Advantech EKI-6333AC-2G 1.6.3版本及之前版本、EKI-6333AC-2GD v1.6.3版本及之前版本和EKI-6333AC-1GPO v1.2.1版本及之前版本存在安全漏洞,该漏洞源于对使用的特殊元素中和不当。
CVSS Information
N/A
Vulnerability Type
N/A