Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in NJHYST HY511 POE core before 2.1 and plugins before 0.1. The vulnerability stems from the device's insufficient cookie verification, allowing an attacker to directly request the configuration file address and download the core configuration file without logging into the device management backend. By reading the corresponding username and self-decrypted MD5 password in the core configuration file, the attacker can directly log in to the backend, thereby bypassing the front-end backend login page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nanjing Hanyuan HY511 POE 安全漏洞
Vulnerability Description
Nanjing Hanyuan HY511 POE是中国Nanjing Hanyuan公司的一款嵌入式智能显示面板。 Nanjing Hanyuan HY511 POE 2.1之前版本和plugins 0.1之前版本存在安全漏洞,该漏洞源于设备Cookie验证不足,可能导致攻击者下载核心配置文件并绕过前端后台登录页面。
CVSS Information
N/A
Vulnerability Type
N/A