PT-2023-22511 · Erikoglu Technology · Ermon
Gokhan Uygan
·
Publicado
2023-06-02
·
Atualizado
2026-05-22
·
CVE-2023-3000
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Erikoglu Technology ErMon versions prior to 230602
Description
The issue is related to an SQL Injection vulnerability, allowing for Command Line Execution and Authentication Bypass. This is due to the improper neutralization of special elements used in an SQL command.
Recommendations
For versions prior to 230602, update to a version 230602 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive SQL commands and authentication mechanisms to minimize the risk of exploitation.
Correção
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ermon