CVE-2022-45090

Name of the Vulnerable Software and Affected Versions Smartpower Web versions prior to 23.01.01

Description The issue is related to an Improper Input Validation vulnerability that allows SQL Injection in Smartpower Web. This vulnerability can be exploited due to the lack of proper validation of user input, potentially leading to unauthorized access to sensitive data.

Recommendations For versions prior to 23.01.01, update to a version 23.01.01 or later to resolve the issue. As a temporary workaround, consider restricting access to the Smartpower Web application until the update can be applied. Additionally, restricting user input to only expected and validated formats can help minimize the risk of exploitation.