Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OS Command Injection vulnerability in Revolution Pi
Vulnerability Description
OS Command Injection vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to execute OS commands on the device via the ‘php/dal.php’ endpoint, in the ‘arrSaveConfig’ parameter.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
KUNBUS Revolution Pi 操作系统命令注入漏洞
Vulnerability Description
KUNBUS Revolution Pi是KUNBUS公司的一款基于 Raspberry Pi 的开放式、模块化且经济高效的工业 PC。 KUNBUS Revolution Pi存在操作系统命令注入漏洞,该漏洞源于php/dal.php端点的arrSaveConfig参数包含一个操作系统命令注入漏洞。
CVSS Information
N/A
Vulnerability Type
N/A