漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
D-Link D-View 8 Installer DLL Preloading via Uncontrolled Search Path
Vulnerability Description
D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious version.dll alongside the legitimate installer so that, when a victim runs the installer and approves the UAC prompt, attacker-controlled code executes with administrator privileges. This can lead to full system compromise.
CVSS Information
N/A
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
D-Link D-View 8 代码问题漏洞
Vulnerability Description
D-Link D-View 8是中国友讯(D-Link)公司的一款综合网络管理软件。 D-Link D-View 8 2.0.1.107及之前版本存在代码问题漏洞,该漏洞源于安装程序中存在不受控制的搜索路径,可能导致DLL预加载和任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A