Описание
Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote attackers to bypass authentication and execute arbitrary SQL statements via unspecified vectors related to a crafted POST request. NOTE: some sources have reported this issue as SQL injection, but this might not be accurate.
Ссылки
- PatchVendor Advisory
- PatchUS Government Resource
- Vendor Advisory
- PatchVendor Advisory
- PatchUS Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.60 (включая)
cpe:2.3:a:ecava:integraxor:*:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01033
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote attackers to bypass authentication and execute arbitrary SQL statements via unspecified vectors related to a crafted POST request. NOTE: some sources have reported this issue as SQL injection, but this might not be accurate.
EPSS
Процентиль: 77%
0.01033
Низкий
7.5 High
CVSS2
Дефекты
CWE-89