← voltar
CVE-2015-6004

CVE-2015-6004

EPSS 2.3%
Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.asp in the Reports component or (2) the Find Device parameter.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://community.rapid7.com/community/infosec/blog/2015/12/16/multiple-disclosures-for-multiple-network-management-systemshttps://www.kb.cert.org/vuls/id/176160http://twitter.com/ipswitch/statuses/677558623229317121http://www.securityfocus.com/bid/79506http://www.securitytracker.com/id/1034833