漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability
Vulnerability Description
AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of screen recording files. By creating a junction, an attacker can abuse the service to create arbitrary files. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-26591.
CVSS Information
N/A
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
AnyDesk 后置链接漏洞
Vulnerability Description
AnyDesk是德国AnyDesk公司的一款远程桌面连接软件。 AnyDesk 9.0.4版本存在后置链接漏洞,该漏洞源于对屏幕录制文件的链接处理问题,可能导致本地攻击者创建连接点滥用服务创建任意文件,造成拒绝服务条件。
CVSS Information
N/A
Vulnerability Type
N/A