PT-2022-27978 · Trueconf · Trueconf Server

Андрей Ситников +2 · Published 2022-11-28 · Updated 2026-02-27 · CVE-2022-46764

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

TrueConf Server version 5.2.0.10225

Description

A SQL injection issue in the web API allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution.

Recommendations

For TrueConf Server version 5.2.0.10225, consider disabling the web API to prevent remote code execution until a patch is available. Restrict access to the web API to minimize the risk of exploitation. Avoid using the web API for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2026-04607
CVE-2022-46764

Affected Products

Trueconf Server