Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Columbia Weather Systems MicroServer Improper Restriction of Communication Channel to Intended Endpoints
Vulnerability Description
An unused function in MicroServer can start a reverse SSH connection to a vendor registered domain, without mutual authentication. An attacker on the local network with admin access to the web server, and the ability to manipulate DNS responses, can redirect the SSH connection to an attacker controlled device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
通信信道对预期端点的不适当限制
Vulnerability Title
Columbia Weather Systems MicroServer 安全漏洞
Vulnerability Description
Columbia Weather Systems MicroServer是美国Columbia Weather Systems公司的一个气象数据服务器。 Columbia Weather Systems MicroServer存在安全漏洞,该漏洞源于未使用的函数可启动反向SSH连接,可能导致连接被重定向至攻击者控制的设备。
CVSS Information
N/A
Vulnerability Type
N/A