CVE-2023-28701

Name of the Vulnerable Software and Affected Versions ELITE TECHNOLOGY CORP. Web Fax (affected versions not specified)

Description The issue is related to SQL Injection, where an unauthenticated remote attacker can inject SQL commands into the input field of the "login page" to perform arbitrary system commands, disrupt service, or terminate service. This is due to the lack of protection measures for the SQL query structure.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.