exploitDog

GHSA-hppr-pf22-83rf

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Ссылки

EPSS

Процентиль: 56%

0.00341

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2021-33180

CVSS3: 7.3

nvd

больше 4 лет назад

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

EPSS

Процентиль: 56%

0.00341

Низкий

CVE ID

Дефекты

CWE-89