漏洞标题
WAGO: Managed Switch中的OS命令注入漏洞
漏洞描述信息
WAGO:管理交换机中的OS命令注入漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
漏洞标题
WAGO: OS Command Injection Vulnerability in Managed Switch
漏洞描述信息
A vulnerability in the web-based management allows an unauthenticated remote attacker to inject arbitrary system commands and gain full system control. Those commands are executed with root privileges. The vulnerability is located in the user request handling of the web-based management.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
漏洞标题
WAGO Industrial Managed Switch 安全漏洞
漏洞描述信息
WAGO Industrial Managed Switch是德国万可(WAGO)公司的一系列工业以太网交换机。 WAGO Industrial Managed Switch存在安全漏洞,该漏洞源于允许未经身份验证的远程攻击者注入任意系统命令并获得完整的系统控制权。
CVSS信息
N/A
漏洞类别
其他