CVE-2024-33335

Name of the Vulnerable Software and Affected Versions H3C SeaSQL DWS version 2.0

Description The issue allows a remote attacker to execute arbitrary code via a crafted file. This is a result of a SQL Injection vulnerability in the H3C SeaSQL DWS product.

Recommendations For H3C SeaSQL DWS version 2.0, consider restricting access to the system until a patch is available to prevent remote attackers from executing arbitrary code. As a temporary workaround, avoid using crafted files that could trigger the SQL Injection vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.