CVE-2023-21412

Summary

User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections.

Affected Software

VendorProductVersion RangeStatus
Axis Communications ABAXIS License Plate Verifier2.8.3 or earlieraffected

Weaknesses

  • CWE-89: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References