Atcom · Atcom Netvolution · CVE-2011-3340
**Name of the Vulnerable Software and Affected Versions**
ATCOM Netvolution version 2.5.8
**Description**
The issue allows remote attackers to execute arbitrary SQL commands via the `Referer` HTTP header, potentially leading to unauthorized data access or modification.
**Recommendations**
For ATCOM Netvolution version 2.5.8, consider restricting access to the SQL database or implementing input validation to prevent malicious SQL commands from being executed. As a temporary workaround, restrict the use of the `Referer` HTTP header to minimize the risk of exploitation.
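The input-validation recommendation, sketched as an added example (not code from ATCOM or from this advisory): the `Referer` value is validated as a URL and then bound as a query parameter, so a quote inside an otherwise valid URL is stored as data rather than parsed as SQL. The `visits` table, the function names, the length cap and the use of SQLite are all assumptions made for illustration.

```python
import sqlite3
from urllib.parse import urlsplit

MAX_REFERER_LEN = 2048  # assumed cap; tune to the application


def clean_referer(raw):
    """Return the header value if it looks like an http(s) URL, else None."""
    if not raw or len(raw) > MAX_REFERER_LEN:
        return None
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in raw):
        return None  # control characters never belong in a URL
    try:
        parts = urlsplit(raw)
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    return raw


def log_visit(conn, path, referer_header):
    """Store a visit; the header is bound as data, never spliced into SQL."""
    referer = clean_referer(referer_header)
    conn.execute(
        "INSERT INTO visits (path, referer) VALUES (?, ?)",  # hypothetical table
        (path, referer),
    )
    return referer


def demo():
    """Run constructed header values through the logger and return the rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE visits (path TEXT NOT NULL, referer TEXT)")
    samples = [  # constructed sample headers
        "https://example.com/search?q=o'reilly",  # valid URL containing a quote
        "not-a-url' --",                          # not a URL: discarded
        "https://example.com/" + "a" * 4096,      # over the length cap
        None,                                     # header absent
    ]
    for header in samples:
        log_visit(conn, "/index", header)
    return conn.execute("SELECT referer FROM visits ORDER BY rowid").fetchall()


if __name__ == "__main__":
    for row in demo():
        print(row)
```

The first sample passes validation yet still contains a quote character, which is why the bound parameter, not the validation step, is what keeps the statement intact.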