Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fujian Kelixun Filename fax_view.php os command injection
Vulnerability Description
A vulnerability was found in Fujian Kelixun 1.0. It has been classified as critical. This affects an unknown part of the file /app/fax/fax_view.php of the component Filename Handler. The manipulation of the argument fax_file leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Kelixun Communication Command and Dispatch Management Platform 命令注入漏洞
Vulnerability Description
Kelixun Communication Command and Dispatch Management Platform(科立讯)是中国科立讯(Kelixun)公司的一个通信指挥调度管理平台。 Kelixun Communication Command and Dispatch Management Platform 1.0版本存在命令注入漏洞,该漏洞源于文件/app/fax/fax_view.php中参数fax_file的错误操作导致os命令注入。
CVSS Information
N/A
Vulnerability Type
N/A