Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
erase-install prior to v40.4 commit 2c31239 writes swiftDialog credential output to a hardcoded path /var/tmp/dialog.json. This allows an unauthenticated attacker to intercept admin credentials entered during reinstall/erase operations via creating a named pipe.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
erase-install 安全漏洞
Vulnerability Description
erase-install是Graham Pugh个人开发者的一个macOS系统重装与升级脚本。 erase-install v40.4之前版本存在安全漏洞,该漏洞源于将凭证输出写入硬编码路径,可能导致未经验证的攻击者拦截管理员凭据。
CVSS Information
N/A
Vulnerability Type
N/A