Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
nutzam NutzBoot Transaction API EthModule.java improper authorization
Vulnerability Description
A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Transaction API. The manipulation of the argument from/to/wei leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
授权机制不恰当
Vulnerability Title
NutzBoot 安全漏洞
Vulnerability Description
NutzBoot是Nutz开源的一个企业级微服务框架。 NutzBoot 2.6.0-SNAPSHOT及之前版本存在安全漏洞,该漏洞源于文件EthModule.java中参数from/to/wei的错误操作,可能导致授权不当。
CVSS Information
N/A
Vulnerability Type
N/A