漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Ilevia EVE X1 Server 4.7.18.0.eden Neuro-Core Unauthenticated Code Injection
Vulnerability Description
Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection vulnerability in the /ajax/php/login.php script. Remote attackers can execute arbitrary system commands by injecting payloads into the 'passwd' HTTP POST parameter, leading to full system compromise or denial of service.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Ilevia EVE X1 Server 安全漏洞
Vulnerability Description
Ilevia EVE X1 Server是意大利Ilevia公司的一款智能家居与楼宇自动化。 Ilevia EVE X1 Server 4.7.18.0.eden及之前版本存在安全漏洞,该漏洞源于/ajax/php/login.php脚本中存在未经验证的OS命令注入,可能导致执行任意系统命令或拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A