漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Incorrect access control on Dataphone A920 v2025.07.161103 exposes a service on port 8888 by default on the local network without authentication. This allows an attacker to interact with the device via a TCP socket without credentials. Additionally, sending an HTTP request to the service on port 8888 triggers an error in the response, which exposes the functionality, headers identifying Paytef dataphone packets, and the build version.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dataphone A920 安全漏洞
Vulnerability Description
Dataphone A920是美国Dataphone公司的一款POS机。 Dataphone A920 v2025.07.161103版本存在安全漏洞,该漏洞源于默认情况下在本地网络上暴露端口8888的服务且未进行身份验证,可能导致未经授权的设备交互和信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A