exploitDog

CVE-2023-2851

Опубликовано: 25 мая 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AGT Tech Ceppatron allows Command Line Execution through SQL Injection, SQL Injection.This issue affects all versions of the sofware also EOS when CVE-ID assigned.

Ссылки

https://www.usom.gov.tr/bildirim/tr-23-0294
Third Party Advisory
https://www.usom.gov.tr/bildirim/tr-23-0294
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:agtteknik:ceppatron:-:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00077

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-qhr2-29wh-7gwf

CVSS3: 10

github

больше 2 лет назад

** UNSUPPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AGT Tech Ceppatron allows Command Line Execution through SQL Injection, SQL Injection.This issue affects all versions of the sofware also EOS when CVE-ID assigned.

EPSS

Процентиль: 23%

0.00077

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89