CVE-2020-12014

Summary

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands.

Affected Software

VendorProductVersion RangeStatus
n/aAdvantech WebAccess NodeWebAccess Node Version 8.4.4 and prior, WebAccess Node Version 9.0.0affected

Weaknesses

  • CWE-89: IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('SQL INJECTION') CWE-89

ADP Enrichment

CVE Program Container

Additional References

References