CVE-2024-12913
8.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Megatek Communication System Azora Wireless Network Management allows SQL Injection.
This issue affects Azora Wireless Network Management: through 20250916.
NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Megatek Communication System | Azora Wireless Network Management | 0 <= 20250916 | affected |
Weaknesses
- CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
- https://www.usom.gov.tr/bildirim/tr-25-0253
- https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0253
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.