exploitDog

GHSA-vcp7-93pm-gh73

Опубликовано: 08 фев. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Security Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors.

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Security Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors.

Ссылки

EPSS

Процентиль: 61%

0.00415

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2021-43927

CVSS3: 4.7

nvd

около 4 лет назад

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Security Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors.

EPSS

Процентиль: 61%

0.00415

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89