Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Advantech DeviceOn/iEdge Path Traversal
Vulnerability Description
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition, traverse directories, or read/write files, within the context of the local system account.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Advantech DeviceOn/iEdge 路径遍历漏洞
Vulnerability Description
Advantech DeviceOn/iEdge是中国台湾研华(Advantech)公司的一个边缘设备远程管理与运维平台。 Advantech DeviceOn/iEdge 2.0.2及之前版本存在路径遍历漏洞,该漏洞源于清理不足,可能导致拒绝服务、目录遍历或本地系统账户上下文中的文件读写。
CVSS Information
N/A
Vulnerability Type
N/A