Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Comet System H3531 Web-based Management setupA.cfg missing authentication
Vulnerability Description
A vulnerability was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. Affected by this issue is some unknown functionality of the file /setupA.cfg of the component Web-based Management Interface. Performing manipulation results in missing authentication. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The exploit has been made public and could be used. There are still doubts about whether this vulnerability truly exists. The vendor explains, that "[d]evices described at CVE are not intended to be exposed into internet and proper security of devices is to end-users."
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Comet System多款产品 安全漏洞
Vulnerability Description
Comet System T0510等都是Comet System公司的一款温度传感器。 Comet System多款产品存在安全漏洞,该漏洞源于文件/setupA.cfg缺少身份验证。以下产品和版本呢受到影响:T0510、T3510、T3511、T4511、T6640、T7511、T7611、P8510、P8552和H3531 1.60版本。
CVSS Information
N/A
Vulnerability Type
N/A