CVE-2017-20195

Name of the Vulnerable Software and Affected Versions LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec

Description A critical issue affects the processing of the file request.php, where the manipulation of the phone argument leads to sql injection. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations Apply the patch named 264813c546dba03989ac0fc365f2022bf65e3be2 to fix this issue. As a temporary workaround, consider restricting the use of the phone argument in the request.php file until the patch is applied.