漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
UGREEN CM933 Administrative missing authentication
Vulnerability Description
A security vulnerability has been detected in UGREEN CM933 1.1.59.4319. The impacted element is an unknown function of the component Administrative Interface. Such manipulation leads to missing authentication. The attack requires being on the local network. You should upgrade the affected component. The vendor replied: "We have successfully confirmed and reproduced the issue. We take this matter very seriously and have incorporated the fix into our development schedule. The issue is scheduled to be resolved in the release version coming in late April."
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
UGREEN CM933 授权问题漏洞
Vulnerability Description
UGREEN CM933是中国绿联(UGREEN)公司的一款提供多接口扩展与数据传输功能的USB集线器设备。 UGREEN CM933 1.1.59.4319版本存在授权问题漏洞,该漏洞源于管理接口组件中未知功能导致缺少身份验证,攻击者需位于本地网络。
CVSS Information
N/A
Vulnerability Type
N/A