漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path in Aura Wallpaper Service allow a local user to perform file operations by sending crafted commands containing an arbitrary file path and bypassing the service’s path restrictions . On specific models , this can also cause a single feature to become unavailable . Refer to the ' Security Update for Aura Wallpaper Service ' section on the ASUS Security Advisory for more information.
CVSS Information
N/A
Vulnerability Type
通信信道对预期端点的不适当限制
Vulnerability Title
ASUS Aura Wallpaper Service 输入验证错误漏洞
Vulnerability Description
ASUS Aura Wallpaper Service是中国ASUS公司的一款桌面壁纸服务程序。 ASUS Aura Wallpaper Service v2.1.15.0及之前的v2.1.8.x版本存在安全漏洞,该漏洞源于对通信信道到预期终端的限制不当以及外部控制文件名或路径,允许本地用户通过发送包含任意文件路径的特制命令并绕过服务路径限制来执行文件操作。
CVSS Information
N/A
Vulnerability Type
N/A