CVE-2021-21929

Name of the Vulnerable Software and Affected Versions Advantech R-SeeNet (affected versions not specified)

Description A specially-crafted HTTP request can lead to SQL injection, allowing an attacker to make authenticated HTTP requests at the prod filter parameter. This vulnerability can be triggered by any authenticated user or through cross-site request forgery, potentially enabling remote attackers to conduct cross-site scripting attacks by sending specially crafted SQL queries.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.