CVE-2024-49620

Name of the Vulnerable Software and Affected Versions FERMA.Ru.Net versions 1.3.3 and earlier

Description The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command. This allows an attacker to inject malicious SQL code, potentially leading to unauthorized access or manipulation of data. The estimated number of potentially affected devices is not provided, and there is no information about real-world incidents where this issue was exploited.

Recommendations For FERMA.Ru.Net versions 1.3.3 and earlier, consider disabling or restricting the use of SQL commands until a patch is available. As a temporary workaround, restrict access to sensitive data and monitor database activity closely to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.