Описание
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘health_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
EPSS
7.7 High
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘health_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
Уязвимость параметра health_alt_filter (device_list.php) программного средства мониторинга состояния и функций маршрутизаторов Advantech R-SeeNet, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
7.7 High
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2