漏洞标题
厦门四信仰视频监控管理系统 Apache Struts 无限制上传
漏洞描述信息
厦门四方视频监控管理系统Apache Struts无限制上传漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
危险类型文件的不加限制上传
漏洞标题
Xiamen Four-Faith Video Surveillance Management System Apache Struts unrestricted upload
漏洞描述信息
A vulnerability, which was classified as critical, has been found in Xiamen Four-Faith Video Surveillance Management System 2016/2017. Affected by this issue is some unknown functionality of the component Apache Struts. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-246134 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
漏洞类别
危险类型文件的不加限制上传
漏洞标题
Xiamen Four-Faith Communication Technology Video Surveillance Management System 代码问题漏洞
漏洞描述信息
Xiamen Four-Faith Communication Technology Video Surveillance Management System是中国厦门四信通信科技有限公司(Xiamen Four-Faith Communication Technology)公司的一个视频监控管理系统。 Xiamen Four-Faith Video Surveillance Management System 2016/2017版本存在代码问题漏洞。攻击者利用该漏洞导致文件上传不受限制。
CVSS信息
N/A
漏洞类别
代码问题