漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote command execution by a privileged account when the server is accessed via a console and through exploitation of the hostname input.
CVSS Information
N/A
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
Schneider Electric EcoStruxure IT Data Center Expert 代码注入漏洞
Vulnerability Description
Schneider Electric EcoStruxure IT Data Center Expert是法国施耐德电气(Schneider Electric)公司的一款可扩展的监控软件,用于收集、组织和分发关键设备信息,提供设备的全面视图。 Schneider Electric EcoStruxure IT Data Center Expert存在代码注入漏洞,该漏洞源于代码生成控制不当,可能导致特权账户远程命令执行。
CVSS Information
N/A
Vulnerability Type
N/A