CVE-2025-64092

Summary

This vulnerability allows unauthenticated attackers to inject an SQL request into GET request parameters and directly query the underlying database.

Affected Software

VendorProductVersion RangeStatus
ZenitelICX500<1.4.3.3affected
ZenitelICX510<1.4.3.3affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References