CVE-2024-46510

Name of the Vulnerable Software and Affected Versions ESAFENET CDG version 5

Description A SQL injection issue was discovered in the NavigationAjax interface via the id parameter. This could potentially lead to unauthorized access and data theft. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For ESAFENET CDG version 5, patch the software immediately and validate inputs to prevent exploitation. As a temporary workaround, consider restricting access to the NavigationAjax interface or validating the id parameter to minimize the risk of exploitation.