CVE-2022-1531

Summary

SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execution and thus complete server takeover.

Affected Software

VendorProductVersion RangeStatus
rtxteamrtxteam/rtxunspecified < checkpoint_2022-04-20affected

Weaknesses

  • CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command

ADP Enrichment

CVE Program Container

Additional References

References