CVE-2020-7500

Name of the Vulnerable Software and Affected Versions U.motion Servers and Touch Panels (affected versions not specified)

Description A SQL Injection vulnerability exists due to improper neutralization of special elements used in an SQL command. This could allow an attacker to execute arbitrary code when a malicious command is entered. The issue is related to the lack of protection measures for the SQL query structure, which can be exploited by a remote attacker.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.