PT-2026-28673 · Shenzhen Ruiming Technology · Streamax Crocus
0Menc
+1
·
Published
2026-03-27
·
Updated
2026-03-27
·
CVE-2026-4910
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Shenzhen Ruiming Technology Streamax Crocus versions up to 1.3.44
Description
A security issue exists in Shenzhen Ruiming Technology Streamax Crocus. The issue involves a SQL injection affecting an unknown function within the
/RemoteFormat.do file of the Endpoint component. Manipulation of the State argument can lead to SQL injection, and the attack can be launched remotely. The exploit has been publicly disclosed.Recommendations
Versions prior to 1.3.44 should be updated.
Exploit
Fix
RCE
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Streamax Crocus