Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Command Injection in Veeder-Root TLS4B Automatic Tank Gauge System
Vulnerability Description
The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the web services handler. This vulnerability enables remote attackers with valid credentials to execute system-level commands on the underlying Linux system. This could allow the attacker to achieve remote command execution, full shell access, and potential lateral movement within the network.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Veeder-Root TLS4B Automatic Tank Gauge System 命令注入漏洞
Vulnerability Description
Veeder-Root TLS4B Automatic Tank Gauge System是美国Veeder-Root公司的一套用于加油站、油库或工业储罐的安全管理系统。 Veeder-Root TLS4B Automatic Tank Gauge System存在命令注入漏洞,该漏洞源于SOAP接口可通过Web服务处理程序访问,可能导致远程命令执行和完整shell访问。
CVSS Information
N/A
Vulnerability Type
N/A