漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A critical remote code execution (RCE) vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters when debugging mode is enabled. An attacker with a valid session ID (sess_id) can send specially crafted POST requests to the /json endpoint, enabling arbitrary command execution on the underlying system. This vulnerability can lead to full system compromise, including unauthorized access, privilege escalation, and potentially full device takeover.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GatesAir Maxiva 安全漏洞
Vulnerability Description
GatesAir Maxiva是美国GatesAir公司的一系列发射器。 GatesAir Maxiva UAXT Transmitter和VAXT Transmitter存在安全漏洞,该漏洞源于调试模式启用时未正确验证的POST请求处理,导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A