Описание
ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general user privilege can inject SQL command to specific API parameters to acquire database schema or access data.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:asus:control_center:1.4.2.5:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00318
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general user privilege can inject SQL command to specific API parameters to acquire database schema or access data.
EPSS
Процентиль: 54%
0.00318
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-89
CWE-89