Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Symbolic Link Exploit in 1E Client's - Nomad module allows Arbitrary File Deletion
Vulnerability Description
Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary files on the device by exploiting symbolic links.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
1E Client 安全漏洞
Vulnerability Description
1E Client是美国1E Client公司的一款无需部署代理的端点管理软件。 1E Client 25.3之前版本存在安全漏洞,该漏洞源于文件访问前的链接解析不当,可能导致本地攻击者删除任意文件。
CVSS Information
N/A
Vulnerability Type
N/A