1. Basic information on vulnerability CVE-2026-23746
Vulnerability information
# Entrust IFI SmartCardController RCE vulnerability

## Overview
Entrust Instant Financial Issuance (IFI) On Premise software (formerly CardWizard) contains an insecure .NET Remoting exposure affecting the SmartCardController service (DCG.SmartCardControllerService.exe), which can be exploited by a remote, unauthenticated attacker.

## Affected versions
- 5.x
- versions prior to 6.10.5
- versions prior to 6.11.1

## Details
The SmartCardController service registers a TCP remoting channel with unsafe serialization settings, allowing untrusted remote object invocation. An attacker who can reach the remoting port over the network can invoke the exposed objects.

## Impact
An attacker can use this vulnerability to:
- read arbitrary files on the server
- coerce outbound authentication (for example, for NTLM relay attacks)
- achieve arbitrary file write and remote code execution via known .NET Remoting exploitation techniques
- obtain sensitive installation information and service-account data
- ultimately take full control of the host
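The advisory says only that the service registers a TCP remoting channel with "unsafe formatter/settings". The C# below is an added example, not code from the advisory or from the Entrust product, showing what that phrase usually means in a generic .NET Remoting server: the weak registration pattern next to a hardened one. The port, the `CardService.rem` URI and the `CardService` type are assumed placeholders; the product's actual configuration is not on the page.

```csharp
// Added example (not the advisory's or the vendor's code): generic .NET Remoting
// server-side registration, weak form beside hardened form.
// Port, URI and remoted type are placeholders.
using System;
using System.Collections;
using System.Runtime.Remoting;
using System.Runtime.Remoting.Channels;
using System.Runtime.Remoting.Channels.Tcp;
using System.Runtime.Serialization.Formatters;

public class CardService : MarshalByRefObject   // placeholder remoted type
{
    public string Ping() => "pong";
}

public static class RemotingSetup
{
    // WEAK: binds to every interface, requires no channel authentication, and
    // TypeFilterLevel.Full lets any caller hand arbitrary serialized types to the
    // binary formatter (the CWE-502 exposure an unauthenticated client can reach).
    public static void RegisterWeak(int port)
    {
        var provider = new BinaryServerFormatterSinkProvider
        {
            TypeFilterLevel = TypeFilterLevel.Full
        };
        var props = new Hashtable { ["port"] = port };
        ChannelServices.RegisterChannel(new TcpServerChannel(props, provider), ensureSecurity: false);
        RemotingConfiguration.RegisterWellKnownServiceType(
            typeof(CardService), "CardService.rem", WellKnownObjectMode.Singleton);
    }

    // HARDENED: loopback only, remote requests rejected at the channel, channel security
    // (Windows authentication plus signing/encryption) required, and the formatter left
    // at the default Low filter level.
    public static void RegisterHardened(int port)
    {
        var provider = new BinaryServerFormatterSinkProvider
        {
            TypeFilterLevel = TypeFilterLevel.Low
        };
        var props = new Hashtable
        {
            ["port"] = port,
            ["bindTo"] = "127.0.0.1",
            ["rejectRemoteRequests"] = true,
            ["secure"] = true,
            ["protectionLevel"] = "EncryptAndSign"
        };
        ChannelServices.RegisterChannel(new TcpServerChannel(props, provider), ensureSecurity: true);
        RemotingConfiguration.RegisterWellKnownServiceType(
            typeof(CardService), "CardService.rem", WellKnownObjectMode.Singleton);
    }
}
```

Two caveats for anyone using this as a checklist. First, the hardened form limits who can reach the channel and what the formatter accepts, but Microsoft documents .NET Remoting as a legacy technology that should not be exposed to untrusted clients at all, and even `TypeFilterLevel.Low` is not a reliable boundary against a hostile caller; the fix for this CVE is the vendor's patched versions (6.10.5 and 6.11.1 or later), with network restriction of the remoting port as the compensating control until then. Second, the "secure" channel relies on Windows authentication, so the service account's exposure to outbound-authentication coercion described above is exactly why that port should not be reachable from untrusted networks.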
Shenlong assessment

Web-class vulnerability: unknown

Reasoning:

N/A
Vulnerability title
Entrust Instant Financial Issuance (IFI) SmartCardController Service .NET Remoting RCE
Source: U.S. National Vulnerability Database (NVD)
Vulnerability description
Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard) versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service (DCG.SmartCardControllerService.exe). The service registers a TCP remoting channel with unsafe formatter/settings that permit untrusted remoting object invocation. A remote, unauthenticated attacker who can reach the remoting port can invoke exposed remoting objects to read arbitrary files from the server and coerce outbound authentication, and may achieve arbitrary file write and remote code execution via known .NET Remoting exploitation techniques. This can lead to disclosure of sensitive installation and service-account data and compromise of the affected host.
Source: U.S. National Vulnerability Database (NVD)
CVSS information
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability category
Missing authentication for critical function
Source: U.S. National Vulnerability Database (NVD)
Vulnerability title
Each Italy Wireless Mini Router WIRELESS-N 300M code-problem vulnerability
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability description
Each Italy Wireless Mini Router WIRELESS-N 300M is a wireless router from Each Italy. Entrust Instant Financial Issuance On Premise versions prior to 6.10.5 and prior to 6.11.1 contain a code-problem vulnerability that stems from an insecure .NET Remoting exposure in the SmartCardController service and may lead to arbitrary file read, remote code execution and compromise of the host.
Source: China National Vulnerability Database of Information Security (CNNVD)
CVSS information
N/A
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability category
Code problem
Source: China National Vulnerability Database of Information Security (CNNVD)
2. Public PoCs for vulnerability CVE-2026-23746
| # | PoC description | Source link | Shenlong link |
| --- | --- | --- | --- |
3. Intelligence on vulnerability CVE-2026-23746
  • Title: Attention Required! | Cloudflare -- 🔗 source link

    Tags: product

  • Title: Entrust Instant Financial Issuance (IFI) SmartCardController Service .NET Remoting RCE | Advisories | VulnCheck -- 🔗 source link

    Tags: third-party-advisory

    Shenlong quick read:

    ## Key information

    ### Vulnerability name
    Entrust Instant Financial Issuance (IFI) SmartCardController Service .NET Remoting RCE

    ### Severity
    Critical

    ### Publication date
    January 15, 2026

    ### Vulnerability ID
    CVE-2026-23746

    ### Related CWEs
    - CWE-306 Missing Authentication for Critical Function
    - CWE-502 Deserialization of Untrusted Data

    ### CVSS score
    9.3

    ### CVSS v4 vector
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

    ### Description
    Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard) versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service (DCG.SmartCardControllerService.exe). The service registers a TCP Remoting Channel, but has unsafe formatter/settings that allow untrusted remote object invocation. A remote, unauthenticated attacker who can reach the Remoting port can invoke exposed remote objects to read arbitrary files from the server and coerce outbound authentication, and may achieve arbitrary file write and remote code execution via known Remoting exploitation techniques. This can lead to disclosure of sensitive installation and service-account data and compromise of the affected host.

    ### References
    - Instant Financial Issuance (IFI) Product Webpage
    - Entrust Customer Portal Vendor Advisory

  • Title: Login | TrustedCare -- 🔗 source link

    Tags: vendor-advisory, patch

  • https://nvd.nist.gov/vuln/detail/CVE-2026-23746
4. Comments on vulnerability CVE-2026-23746

No comments yet