Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ConsoleFindCommandMatchList
Vulnerability Description
A vulnerability exists in the ConsoleFindCommandMatchList function in libsymproc. so imported by ctpd that may lead to unauthorized execution of an attacker-defined file that gets prioritized by the ConsoleFindCommandMatchList. A third-party researcher discovered that the ConsoleFindCommandMatchList enumerates the /dev/shm/symproc/c directory in alphabetical order to identify console commands. Permission levels are inferred from the integer values present in each command's file name. Confirmed Affected Hardware: TSW-760, TSW-1060 Confirmed Affected Firmware: 3.002.1061 Fixed Firmware: no fixed released (product is discontinued and end of life) For x70 The Affected Firmware:- 3.000.0110.001 and versions below The Fixed Firmware:- 3.001.0031.001
CVSS Information
N/A
Vulnerability Type
不充分的比较
Vulnerability Title
CRESTRON TOUCHSCREENS x70 安全漏洞
Vulnerability Description
CRESTRON TOUCHSCREENS x70是美国CRESTRON公司的一款交互触摸显示器。 CRESTRON TOUCHSCREEN x70存在安全漏洞,该漏洞源于ConsoleFindCommandMatchList函数,可能导致执行攻击者定义的文件。
CVSS Information
N/A
Vulnerability Type
N/A