ГлавнаяУязвимости → CVE-2024-8329
8.8высокая

CVE-2024-8329

Описание

6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL command to read, modify, and delete database contents.

Затрагиваемое ПО
6shr system project 6shr system
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.twcert.org.tw/en/cp-139-8034-657b7-2.htmlhttps://www.twcert.org.tw/tw/cp-132-8030-e2eac-1.html