3 matches found
CVE-2023-38029
Saho’s attendance devices ADM100 and ADM-100FP has insufficient filtering for special characters and file type within their file uploading function. A unauthenticate remote attacker authenticated can upload and execute arbitrary files to perform arbitrary system commands or disrupt service...
Saho ADM100 、ADM-100FP 访问控制错误漏洞
The Saho ADM100 and Saho ADM-100FP are both full-service security appliances from Saho Corporation. An access control error vulnerability exists in the Saho ADM100 and ADM-100FP, which could allow an unauthenticated attacker to bypass authentication by modifying the path to a Web site, read syste...
Saho ADM100 、ADM-100FP 代码问题漏洞
Saho ADM100 and Saho ADM-100FP are both full-service security devices from Saho. Saho attendance devices ADM100 , ADM-100FP has a code issue vulnerability, the vulnerability stems from insufficient filtering of special characters and file types in the file upload function, a remote attacker...