Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authenticated command injection
Vulnerability Description
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most recent version of this product.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Honeywell MB-Secure 安全漏洞
Vulnerability Description
Honeywell MB-Secure是美国霍尼韦尔(Honeywell)公司的一个工业级网络安全解决方案,专为Modbus协议设计,提供工业控制系统(ICS)的通信保护和访问控制。 Honeywell MB-Secure V11.04至V12.53之前版本存在安全漏洞,该漏洞源于操作系统命令中和不当,可能导致权限滥用。
CVSS Information
N/A
Vulnerability Type
N/A