Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authentication bypass vulnerability on CIRCUTOR Q-SMT
Vulnerability Description
CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login page, allowing the attacker to use all the functionalities implemented at web level that allow interacting with the device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
CWE-1284
Vulnerability Title
CIRCUTOR Q-SMT 安全漏洞
Vulnerability Description
CIRCUTOR Q-SMT是CIRCUTOR公司的一个工业硬件设备。 CIRCUTOR Q-SMT 1.0.4版本存在安全漏洞,该漏洞源于登录页面的认证机制可以被绕过,允许拥有网络访问权限的攻击者使用所有在网页级别上实现的功能来与设备进行交互。
CVSS Information
N/A
Vulnerability Type
N/A