漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Ksenia Security lares Home Automation 1.6 URL Redirection Vulnerability
Vulnerability Description
Ksenia Security lares (legacy model) version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml' script that allows attackers to manipulate the 'redirectPage' GET parameter. Attackers can craft malicious links that redirect authenticated users to arbitrary websites when clicking on a specially constructed link hosted on a trusted domain.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
Ksenia Security Lares 4.0 Home Automation 输入验证错误漏洞
Vulnerability Description
Ksenia Security Lares 4.0 Home Automation是意大利Ksenia Security公司的一款智慧安防与家庭自动化控制平台。 Ksenia Security Lares 4.0 Home Automation 1.6版本存在输入验证错误漏洞,该漏洞源于cmdOk.xml脚本中对redirectPage GET参数的操作,可能导致URL重定向攻击。
CVSS Information
N/A
Vulnerability Type
N/A