Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass
Vulnerability Description
Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system() call for authentication, allowing attackers to inject special characters and manipulate command parsing. Due to the binary's interpretation of non-zero exit codes as successful authentication, remote attackers can bypass authentication and gain full access to the system.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Ilevia EVE X1 Server和Ilevia EVE X5 Server 安全漏洞
Vulnerability Description
Ilevia EVE X1 Server和Ilevia EVE X5 Server都是意大利Ilevia公司的一款智能家居与楼宇自动化。 Ilevia EVE X1 Server和Ilevia EVE X5 Server 4.7.18.0.eden及之前版本存在安全漏洞,该漏洞源于身份验证机制中未清理的输入被传递给system调用,可能导致绕过身份验证和获取系统完全访问权限。
CVSS Information
N/A
Vulnerability Type
N/A