The Application-Level Gateway (ALG) on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 modifies PORT commands in incoming FTP traffic, which allows remote attackers to use the device's IP address for arbitrary intranet TCP traffic by leveraging write access to an intranet FTP server.

在Apple Time Capsule、AirPort Extreme 和AirPort Express 站点的固件7.5.2之前，应用程序级别 gateway(ALG)修改了 incoming FTP 流量中的 PORT 命令，使远程攻击者可以通过利用内网 FTP 服务器的写入权限，使用设备IP地址进行任意内网 TCP 流量。

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）