PT-2026-1099 · Mars · Mars
Greengrass
+1
·
Publicado
2026-01-02
·
Atualizado
2026-01-06
·
CVE-2025-59387
CVSS v4.0
8.1
Alta
| Vetor | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
MARS (Multi-Application Recovery Service) versions prior to 1.2.1.1686
Description
An SQL injection issue affects MARS (Multi-Application Recovery Service). Successful exploitation could allow remote attackers to execute unauthorized code or commands. It is estimated that over 3.25 million instances are exposed. The vulnerability allows attackers to potentially execute unauthorized code or commands through SQL injection. The API endpoints and vulnerable parameters are not specified.
Recommendations
Update MARS (Multi-Application Recovery Service) to version 1.2.1.1686 or later.
Correção
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Mars