漏洞标题
北京百措智能S150管理平台备份文件download.php信息泄露
漏洞描述信息
在Beijing Baichuo Smart S150管理平台V31R02B15中发现了分类为问题的漏洞。影响备份文件处理程序组件/log/download.php文件的未知部分。操纵导致信息泄露。有可能远程发起攻击。攻击的复杂性相当高。可利用性被描述为困难。已将利用程序公开并可以使用。为该漏洞分配了标识符VDB-251541。注意:早些时候已联系供应商有关此披露,但未以任何方式回应。
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
漏洞类别
信息暴露
漏洞标题
Byzoro Smart S150 Management Platform Backup File download.php information disclosure
漏洞描述信息
A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-251541 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
漏洞类别
信息暴露
漏洞标题
Beijing Baichuo Smart S150 信息泄露漏洞
漏洞描述信息
Beijing Baichuo Smart S150是中国北京百卓(Beijing Baichuo)公司的一款上网行为管理设备。 Beijing Baichuo Smart S150 Management Platform V31R02B15版本存在信息泄露漏洞,该漏洞源于文件/log/download.php会导致信息泄露。
CVSS信息
N/A
漏洞类别
信息泄露