| Titel | Zytec Central Authentication Service(融合门户) 3 Violation of Secure Design Principles |
|---|
| Beschreibung | Official website: https://www.zytec.cn/
Dalian Zhuoyun Technology Co., Ltd. was established in 2008 and is headquartered in the Dalian High-tech Industrial Park in Liaoning Province. It is a high-tech enterprise focused on the field of educational information technology.
The Dalian Zhuoyun Technology integration portal has a serious design flaw.
A Controller of this product has serious design flow, which allows unauthorized attackers to plan a remote attack.The harm it can directly cause includes but is not limited to:Remote command execution, SQL command execution, SSRF,Arbitrary File Read. |
|---|
| Quelle | ⚠️ http://x.x.x.x:38765/qwertyuiop/Vuldb/Zytec.html |
|---|
| Benutzer | BadKitty (UID 90804) |
|---|
| Einreichung | 09.10.2025 02:55 (vor 6 Monaten) |
|---|
| Moderieren | 26.10.2025 06:55 (17 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 329938 [Zytec Dalian Zhuoyun Technology Central Authentication Service bis 20251009 /index.php/auth/widget _empty get.layer/get.widget/get.action erweiterte Rechte] |
|---|
| Punkte | 20 |
|---|