漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
INIM Electronics Smartliving SmartLAN/G/SI <=6.x Unauthenticated SSRF via GetImage
Vulnerability Description
Smartliving SmartLAN/G/SI <=6.x contains an unauthenticated server-side request forgery vulnerability in the GetImage functionality through the 'host' parameter. Attackers can exploit the onvif.cgi endpoint by specifying external domains to bypass firewalls and perform network enumeration through arbitrary HTTP requests.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Inim SmartLiving SmartLAN/SI和Inim SmartLiving SmartLAN/G 代码问题漏洞
Vulnerability Description
Inim SmartLiving SmartLAN/SI和Inim SmartLiving SmartLAN/G都是意大利Inim公司的一系列网络通信扩展模块。 Inim SmartLiving SmartLAN/SI和Inim SmartLiving SmartLAN/G 6.x及之前版本存在代码问题漏洞,该漏洞源于对host参数未验证输入,可能导致服务端请求伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A