CNNVD-202601-1023 Information
CNNVD ID
CNNVD-202601-1023
Related CVE
- CNNVD Published: 2026-01-06
Description (Chinese)
Phoenix Contact iDS6 DSSPro是美国iDS6公司的一款数字标牌管理系统。 Phoenix Contact iDS6 DSSPro 6.2版本存在安全漏洞,该漏洞源于存在访问控制不当漏洞,可能导致创建用户、修改角色和权限,并可能完全接管应用程序。
Description (English)
Phoenix Contact iDS6 DSSPro is a digital tag management system for iDS6 in the United States. Version 6.2 of Phoenix Contact iDS6 DSSPro contains a security loophole, which stems from inappropriate access controls, may lead to the creation of users, changes in roles and privileges and the possible full takeover of applications.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
iDS6
Published
2026-01-06
Last Modified
2026-02-24
References
https://cxsecurity.com/issue/WLB-2020110025 https://exchange.xforce.ibmcloud.com/vulnerabilities/191260 https://packetstorm.news/files/id/159918 http://www.yerootech.com/ https://web.archive.org/web/20200919100215/ https://www.exploit-db.com/exploits/48992 https://www.vulncheck.com/advisories/ids-dsspro-digital-signage-system-privilege-escalation-via-access-control https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5608.php
Share on: