Guillermo Garcia Molina

**Name of the Vulnerable Software and Affected Versions** Badger Meter Monitool versions 4.6.3 and earlier **Description** A remote attacker could send a specially crafted SQL query to the server via the `j username` parameter and retrieve the information stored in the database. This issue allows an attacker to exploit the SQL injection vulnerability in the Badger Meter Monitool. **Recommendations** For versions 4.6.3 and earlier, consider disabling the `j username` parameter in the affected API endpoint until a patch is available. Restrict access to the database to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Badger Meter Monitool versions up to 4.6.3 and earlier **Description** The issue allows a local attacker to change the application's file parameter to a log file, obtaining sensitive information such as database credentials. **Recommendations** For versions up to 4.6.3 and earlier, as a temporary workaround, consider restricting access to the log files and sensitive information until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Badger Meter Monitool versions prior to 4.6.3 **Description** The issue allows an authenticated attacker to retrieve any file from the device using the download-file functionality due to incorrectly limiting the path to a restricted directory. **Recommendations** For versions prior to 4.6.3, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the download-file functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Badger Meter Monitool versions up to 4.6.3 and earlier **Description** The issue is a cross-site scripting vulnerability that allows a remote attacker to send a specially crafted javascript payload to an authenticated user, potentially hijacking their browser session. **Recommendations** For versions up to 4.6.3 and earlier, update to a version later than 4.6.3 to resolve the issue. As a temporary workaround, consider restricting access to the Monitool interface to minimize the risk of exploitation.