Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OS Command Injection over API
Vulnerability Description
API endpoint for user synchronization in 2N Access Commander version 3.4.1 did not have a sufficient input validation allowing for OS command injection. This vulnerability can only be exploited after authenticating with administrator privileges.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
2N Access Commander 安全漏洞
Vulnerability Description
2N Access Commander是2N公司的一个门禁控制解决方案。 2N Access Commander 3.4.1版本存在安全漏洞,该漏洞源于用户同步API端点输入验证不足,可能导致经过管理员身份验证的攻击者实施OS命令注入。
CVSS Information
N/A
Vulnerability Type
N/A