Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insertion of Sensitive Information Into Sent Data vulnerability on CIRCUTOR Q-SMT
Vulnerability Description
An attacker with access to the network where the CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could obtain legitimate credentials or steal sessions due to the fact that the device only implements the HTTP protocol. This fact prevents a secure communication channel from being established.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
通过发送数据的信息暴露
Vulnerability Title
CIRCUTOR Q-SMT 安全漏洞
Vulnerability Description
CIRCUTOR Q-SMT是CIRCUTOR公司的一个工业硬件设备。 CIRCUTOR Q-SMT 1.0.4版本存在安全漏洞,该漏洞源于仅实施 HTTP协议,导致攻击者可访问所在网络并获取合法凭据或窃取会话。
CVSS Information
N/A
Vulnerability Type
N/A