漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device by executing a crafted CLI command.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Zyxel ATP series firmware和Zyxel USG FLEX series firmware 操作系统命令注入漏洞
Vulnerability Description
Zyxel ATP series firmware和Zyxel USG FLEX series firmware都是中国合勤(Zyxel)公司的产品。Zyxel ATP series firmware是一系列防火墙固件。Zyxel USG FLEX series firmware是一系列安全设备固件。 Zyxel ATP series firmware V4.60版本至V5.38版本和Zyxel USG FLEX series firmware V4.60版本至V5.38版本存在操作系统命令注入漏洞。攻击
CVSS Information
N/A
Vulnerability Type
N/A