Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CVE-2026-2331
Vulnerability Description
An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access without authentication. This includes device parameter files, enabling an attacker to read and modify application settings, including customer-defined passwords. Additionally, exposure of the custom application directory may allow execution of arbitrary Lua code within the sandboxed AppEngine environment.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对外部实体的文件或目录可访问
Vulnerability Title
SICK Lector85x和SICK SICK Lector83x 安全漏洞
Vulnerability Description
SICK Lector85x和SICK SICK Lector83x都是德国SICK公司的一系列二维码图像识别读码器。 SICK Lector85x和SICK SICK Lector83x存在安全漏洞,该漏洞源于不正确的访问限制,攻击者可能会通过HTTP上的AppEngine Fileaccess对敏感的文件系统区域执行未经身份验证的读写操作。
CVSS Information
N/A
Vulnerability Type
N/A