Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell
Vulnerability Description
Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads. Execution with sudo grants full root access, resulting in remote privilege escalation and potential system compromise.
CVSS Information
N/A
Vulnerability Type
特权管理不恰当
Vulnerability Title
Ilevia EVE X1 Server和Ilevia EVE X5 Server 安全漏洞
Vulnerability Description
Ilevia EVE X1 Server和Ilevia EVE X5 Server都是意大利Ilevia公司的一款智能家居与楼宇自动化。 Ilevia EVE X1 Server和Ilevia EVE X5 Server 4.7.18.0.eden及之前版本存在安全漏洞,该漏洞源于sudoers文件配置不当,可能导致远程权限提升和系统破解。
CVSS Information
N/A
Vulnerability Type
N/A