Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
The SYSCOM Group OMFLOW - Arbitrary File Read
Vulnerability Description
OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality, allowing remote attackers with regular privileges to read arbitrary system files.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
绝对路径遍历
Vulnerability Title
SYSCOM OMFLOW 安全漏洞
Vulnerability Description
SYSCOM OMFLOW是中国SYSCOM公司的一个信息维护管理系统。 SYSCOM OMFLOW 1.1.6.0版本至1.2.1.2版本存在安全漏洞,该漏洞源于未正确验证下载功能的用户输入,允许具有常规权限的远程攻击者读取任意系统文件。
CVSS Information
N/A
Vulnerability Type
N/A