← back
CVE-2021-37599

CVE-2021-37599

EPSS 3.1%
The exporter/Login.aspx login form in the Exporter in Nuance Winscribe Dictation 4.1.0.99 is vulnerable to SQL injection that allows a remote, unauthenticated attacker to read the database (and execute code in some situations) via the txtPassword parameter.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://slazarus.xyz/winscribe.htmlhttps://www.nuance.com/dragon/business-solutions/winscribe-dictation-workflow.html