Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Command Injection in 1E-Nomad-RunPkgStatusRequest Instruction in TeamViewer DEX
Vulnerability Description
A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-RunPkgStatusRequest instruction. Improper input validation allows authenticated attackers with actioner privilege to run elevated arbitrary commands on connected hosts via malicious commands injected into the instruction’s input field. Users of 1E Client version 24.5 or higher are not affected.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
TeamViewer DEX Client 安全漏洞
Vulnerability Description
TeamViewer DEX Client是德国TeamViewer公司的一个数字化员工体验和终端管理软件。 TeamViewer DEX Client存在安全漏洞,该漏洞源于输入验证不当,可能导致经过身份验证的攻击者通过恶意命令注入执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A