Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WePresent WiPG-1000 Unauthenticated Command Injection in via rdfs.cgi
Vulnerability Description
An unauthenticated command injection vulnerability exists in WePresent WiPG-1000 firmware versions prior to 2.2.3.0, due to improper input handling in the undocumented /cgi-bin/rdfs.cgi endpoint. The Client parameter is not sanitized before being passed to a system call, allowing an unauthenticated remote attacker to execute arbitrary commands as the web server user.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Barco WePresent WiPG-1000 安全漏洞
Vulnerability Description
Barco WePresent WiPG-1000是比利时Barco公司的一款无线演示服务器。 Barco WePresent WiPG-1000 2.2.3.0之前版本存在安全漏洞,该漏洞源于/cgi-bin/rdfs.cgi端点输入处理不当,可能导致命令注入。
CVSS Information
N/A
Vulnerability Type
N/A