漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Use of a hard-coded AES-256-CBC key in the configuration backup/restore implementation of Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote authenticated users to decrypt, modify, and re-encrypt device configurations, enabling credential manipulation and privilege escalation via the GUI import/export functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sercomm SCE4255W 安全漏洞
Vulnerability Description
Sercomm SCE4255W是中国台湾中磊(Sercomm)公司的一款宽带网关设备。 Sercomm SCE4255W DG3934v3@2308041842之前版本存在安全漏洞,该漏洞源于配置备份/恢复实现中使用硬编码AES-256-CBC密钥,可能导致凭据操纵和权限提升。
CVSS Information
N/A
Vulnerability Type
N/A