漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Shibby Tomato start_jffs2 sub_2D568 os command injection
Vulnerability Description
A security flaw has been discovered in Shibby Tomato up to 1.28.0000. Affected by this issue is the function sub_2D568 of the component start_jffs2. Performing a manipulation of the argument jffs2_exec results in os command injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. This project is superseded by FreshTomato.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Shibby Tomato 命令注入漏洞
Vulnerability Description
shibby tomato是shibby的路由器。 Shibby Tomato 1.28.0000及之前版本存在命令注入漏洞,该漏洞源于start_jffs2组件中函数sub_2D568对参数jffs2_exec的操作导致os命令注入,攻击者可能远程利用该漏洞。
CVSS Information
N/A
Vulnerability Type
N/A