Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
COMMGR - Insufficient Randomization Authentication Bypass
Vulnerability Description
Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用具有密码学弱点缺陷的PRNG
Vulnerability Title
Delta Electronics COMMGR 安全漏洞
Vulnerability Description
Delta Electronics COMMGR是中国台达电子(Delta Electronics)公司的一个通讯管理软件。 Delta Electronics COMMGR 1.0版本和2.0版本存在安全漏洞,该漏洞源于会话ID生成随机性不足,可能导致任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A