Sangfor EDR 漏洞列表
共找到 6 个与 Sangfor EDR 相关的漏洞
📅 加载漏洞趋势中...
-
sangfor-edr-arbitrary-admin-login: sangfor-edr-arbitrary-admin-login POC
终端检测响应平台EDR -
sangfor-edr-cssp-rce: Sangfor EDR 3.2.17R1/3.2.21 - Remote Code Execution POC
Sangfor EDR 3.2.17R1/3.2.21 allows remote unauthenticated users to to execute arbitrary commands. app="sangfor" -
CNVD-2020-46552: Sangfor EDR - Remote Code Execution POC
Sangfor Endpoint Monitoring and Response Platform (EDR) contains a remote code execution vulnerability. An attacker could exploit this vulnerability by constructing an HTTP request which could execute arbitrary commands on the target host. -
sangfor-edr-auth-bypass: Sangfor EDR - Authentication Bypass POC
Sangfor EDR contains an authentication bypass vulnerability. An attacker can access the system with admin privileges by accessing the login page directly using a provided username rather than going through the login screen without providing a username. This makes it possible to obtain sensitive information, modify data, and/or execute unauthorized operations. -
sangfor-edr-rce: Sangfor EDR 3.2.17R1/3.2.21 - Remote Code Execution POC
Sangfor EDR 3.2.17R1/3.2.21 allows remote unauthenticated users to to execute arbitrary commands. -
Sangfor EDR /tool/log/c.php文件 host 参数命令执行漏洞 无POC
终端检测响应平台(EDR)是由深信服科技股份有限公司开发的终端安全解决方案。EDR管理平台支持统一化的终端资产管理、终端病毒查杀、终端合规性检查和访问控制策略管理,支持对安全事件的一键隔离处置,以及对热点事件IOC的全网威胁定位。绝大多数的 EDR 管理平台部署于内网环境中,少数系统可以通过外网地址访问。深信服终端监测响应平台(EDR)3.2.16、3.2.17、3.2.19 存在远程命令执行漏洞。攻击者可通过构造HTTP请求来利用此漏洞,成功利用此漏洞的攻击者可以在目标主机上执行任意命令。