PT-2023-4365 · Siemens · Ruggedcom Crossbow

Published 2023-08-08 · Updated 2023-08-10 · CVE-2023-37372

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

RUGGEDCOM CROSSBOW versions prior to V5.4

Description

The issue is related to a lack of protection against SQL query structure attacks, making the system vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database.

Recommendations

For versions prior to V5.4, update to version V5.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the database server to minimize the risk of exploitation. Avoid using vulnerable SQL queries until the issue is resolved.

Fix

SQL injection

Weakness Enumeration

Related identifiers

BDU:2023-04710
CVE-2023-37372

Affected products

Ruggedcom Crossbow