Unknown · Rg-Eg Series Gateway Eg350 Eg Rgos · CVE-2022-33128
**Name of the Vulnerable Software and Affected Versions**
RG-EG series gateway EG350 EG RGOS version 11.1(6)
**Description**
The issue is related to a SQL injection vulnerability. It can be exploited via the `get alarmAction` function at the "/alarm pi/alarmService.php" API endpoint.
**Recommendations**
For RG-EG series gateway EG350 EG RGOS version 11.1(6), consider disabling the `get alarmAction` function at the "/alarm pi/alarmService.php" API endpoint as a temporary workaround until a patch is available.