CVE-2025-59379

Name of the Vulnerable Software and Affected Versions DwyerOmega Isensix Advanced Remote Monitoring System (ARMS) version 1.5.7

Description The software allows an attacker to retrieve sensitive information from the underlying SQL database via Blind SQL Injection through the user parameter in the login page. This could allow an attacker to steal credentials, potentially in cleartext, from existing users and administrators, and then use those credentials to authenticate to the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.