exploitDog

CVE-2024-9968

Опубликовано: 15 окт. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

WebEIP v3.0 from

NewType does not properly validate user input, allowing remote attackers with regular privilege to inject SQL commands to read, modify, and delete data stored in database. The affected product is no longer maintained. It is recommended to upgrade to the new product.

Ссылки

https://www.twcert.org.tw/en/cp-139-8133-2cc3a-2.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-8132-160bb-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:newtype:webeip:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01172

Низкий

8.8 High

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-q47f-prmv-x9hp

CVSS3: 8.8

github

больше 1 года назад

WebEIP v3.0 from NewType does not properly validate user input, allowing remote attackers with regular privilege to inject SQL commands to read, modify, and delete data stored in database. The affected product is no longer maintained. It is recommended to upgrade to the new product.

EPSS

Процентиль: 78%

0.01172

Низкий

8.8 High

CVSS3

Дефекты

CWE-89