Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OneUptime is Vulnerable to Privilege Escalation via Login Response Manipulation
Vulnerability Description
OneUptime is a solution for monitoring and managing online services. Prior to version 8.0.5567, OneUptime is vulnerable to privilege escalation via Login Response Manipulation. During the login process, the server response included a parameter called isMasterAdmin. By intercepting and modifying this parameter value from false to true, it is possible to gain access to the admin dashboard interface. However, an attacker may be unable to view or interact with the data if they still do not have sufficient permissions. This issue has been patched in version 8.0.5567.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
OneUptime 访问控制错误漏洞
Vulnerability Description
OneUptime是OneUptime开源的一个全面的解决方案。用于监控和管理您的在线服务。 OneUptime 8.0.5567之前版本存在访问控制错误漏洞,该漏洞源于登录响应操纵,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A