Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hidden Functionality vulnerability in Contec Health CMS8000 Patient Monitor
Vulnerability Description
The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the network interface of the device if it is disabled. The function is triggered by attempting to update the device from the user menu. This could serve as a backdoor to the device, and could lead to a malicious actor being able to upload and overwrite files on the device.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
隐藏功能
Vulnerability Title
Contec Health CMS8000 Patient Monitor 安全漏洞
Vulnerability Description
Contec Health CMS8000 Patient Monitor是日本Contec公司的一款生命体征病人监护仪。 Contec Health CMS8000 Patient Monitor存在安全漏洞。攻击者利用该漏洞可以上传和覆盖设备上的文件。
CVSS Information
N/A
Vulnerability Type
N/A