漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Credentials exposure in tinycontrol devices
Vulnerability Description
Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface. This issue has been fixed in firmware versions: 1.36 (for tcPDU), 1.67 (for LK3.5 - hardware versions: 3.5, 3.6, 3.7 and 3.8), 1.75 (for LK3.9 - hardware version 3.9) and 1.38 (for LK4 - hardware version 4.0).
CVSS Information
N/A
Vulnerability Type
直接请求(强制性浏览)
Vulnerability Title
Tinycontrol多款产品 安全漏洞
Vulnerability Description
Tinycontrol tcPDU等都是波兰Tinycontrol公司的产品。Tinycontrol tcPDU是一款网络分配单元。Tinycontrol LAN Controllers LK3.5是一款环境参数远程监控和控制设备。Tinycontrol LAN Controllers LK3.9是一款环境参数远程监控和控制设备。 Tinycontrol多款产品存在安全漏洞,该漏洞源于低权限用户可直接访问特定资源,可能导致读取管理员密码。以下产品受到影响:Lan Kontroler v3.5、LK3.9、
CVSS Information
N/A
Vulnerability Type
N/A