Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Permissive Cross-domain Policy with Untrusted Domains in coolercontrold
Vulnerability Description
CORS misconfiguration in CoolerControl/coolercontrold <4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
过度许可的跨域白名单
Vulnerability Title
CoolerControl 安全漏洞
Vulnerability Description
CoolerControl是CoolerControl开源的一个冷却设备控制软件。 CoolerControl 4.0.0之前版本存在安全漏洞,该漏洞源于CORS配置错误,可能导致未经验证的远程攻击者通过恶意网站读取数据并向服务发送命令。
CVSS Information
N/A
Vulnerability Type
N/A