Anevia Flamingo XL 3.6.20 - 经过身份验证的根远程代码执行

最新推荐文章于 2024-10-06 09:54:37 发布

瑆箫

最新推荐文章于 2024-10-06 09:54:37 发布

阅读量119

点赞数

文章标签：运维服务器

本文链接：https://blog.csdn.net/mo3408/article/details/131220513

版权

web前端技术同时被 2 个专栏收录

274 篇文章 12 订阅 ¥129.90 ¥299.90

订阅专栏

超级会员免费看

后端

260 篇文章 13 订阅 ¥99.90 ¥299.90

订阅专栏

超级会员免费看

Anevia Flamingo XL 3.6.20 版本存在一个严重的安全问题，允许经过身份验证的攻击者执行远程代码。这一漏洞可能使服务器面临被恶意操控的风险。

摘要由CSDN通过智能技术生成

执行如下：

Exploit Title: Anevia Flamingo XL 3.6.20 - Authenticated Root Remote Code Execution
Exploit Author: LiquidWorm
Vendor: Ateme
Product web page: https://www.ateme.com
Affected version: 3.6.20, 3.2.9
                  Hardware revision 1.1, 1.0
                  SoapLive 2.4.1, 2.0.3
                  SoapSystem 1.3.1

Summary: Flamingo XL, a new modular and high-density IPTV head-end
product for hospitality and corporate markets. Flamingo XL captures
live TV and radio content from satellite, cable, digital terrestrial
and analog sources before streaming it over IP networks to STBs, PCs
or other IP-connected devices. The Flamingo XL is based upon a modular
4U rack hardware platform that allows hospitality and corporate video
service provid

了解本专栏