Apache · Apache Traffic Control · CVE-2024-45387
**Name of the Vulnerable Software and Affected Versions**
Apache Traffic Control versions 8.0.0 through 8.0.1
**Description**
A critical SQL injection vulnerability in Apache Traffic Control allows a privileged user with roles such as "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially crafted PUT request. This flaw can be easily exploited, potentially compromising sensitive data and disrupting critical services. It is estimated that over 365,000 services may be affected.
**Recommendations**
- Update to version 8.0.2 as soon as possible to patch the vulnerability.
- Audit access permissions for high-risk roles.
- Double-check database configurations for security loopholes.