lukaszstu/SmartAsset-SQLinj-CVE-2020-26525

lukaszstu/SmartAsset-SQLinj-CVE-2020-26525

GitHubGitHub
GitHubgithub.com
Releases0
Stars1
Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter.
Log in to subscribe

CVE History

CVEPublishedCVSS v3CVSS v2
CVE-2020-26525
9.1 CRITICAL6.4 MEDIUM

Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter. This allows forcing the database and server to initiate remote connections to third party DNS servers.