exploitDog

GHSA-498m-2jp9-66x5

Опубликовано: 08 фев. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors.

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors.

Ссылки

EPSS

Процентиль: 61%

0.00406

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2021-43926

CVSS3: 4.7

nvd

около 4 лет назад

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors.

EPSS

Процентиль: 61%

0.00406

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89