Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Advantech DeviceOn/iEdge Path Traversal
Vulnerability Description
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Advantech DeviceOn/iEdge 路径遍历漏洞
Vulnerability Description
Advantech DeviceOn/iEdge是中国台湾研华(Advantech)公司的一个边缘设备远程管理与运维平台。 Advantech DeviceOn/iEdge 2.0.2及之前版本存在路径遍历漏洞,该漏洞源于清理不足,可能导致攻击者上传特制配置文件进行目录遍历,并以系统权限执行远程代码。
CVSS Information
N/A
Vulnerability Type
N/A