SINEC NMS is a network management system from Siemens for monitoring and managing industrial networks.A SQL injection vulnerability exists in versions prior to SINEC NMS 1.0 SP2 Update 1, which could be exploited by an attacker with privileged credentials to execute arbitrary commands in the local database by sending a manual request to the affected application’s web server.