Описание
SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execution and thus complete server takeover.
Ссылки
- PatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2022-04-20 (исключая)
cpe:2.3:a:rtx_project:rtx:*:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03816
Низкий
10 Critical
CVSS3
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execution and thus complete server takeover.
EPSS
Процентиль: 88%
0.03816
Низкий
10 Critical
CVSS3
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-89
CWE-89