漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead to a complete compromise of the system running the OPC.Testclient.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Bosch Rexroth IndraWorks 安全漏洞
Vulnerability Description
Bosch Rexroth IndraWorks是德国力士乐(Bosch Rexroth)公司的一个通用工程框架软件。 Bosch Rexroth IndraWorks存在安全漏洞,该漏洞源于解析包含恶意序列化数据的特制文件时存在反序列化问题,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A