Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in coolercontrold
Vulnerability Description
Command injection in alerts in CoolerControl/coolercontrold <4.0.0 allows authenticated attackers to execute arbitrary code as root via injected bash commands in alert names
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
CoolerControl 操作系统命令注入漏洞
Vulnerability Description
CoolerControl是CoolerControl开源的一个冷却设备控制软件。 CoolerControl 4.0.0之前版本存在操作系统命令注入漏洞,该漏洞源于警报名称中注入bash命令,可能导致经过身份验证的攻击者以root权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A