CVE-2022-25225

CVE-2022-25225

Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in ‘/api/eventinstance’ via the ‘sqlparameter’ JSON parameter. It is also possible to achieve remote code execution in the default installation (PostgreSQL) by exploiting this issue.

Source: CVE-2022-25225

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다