CVE-2022-26669

Summary

ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general user privilege can inject SQL command to specific API parameters to acquire database schema or access data.

Affected Software

VendorProductVersion RangeStatus
ASUSControl Center1.4.2.5affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References