EPSS
Percentile
60.9%
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points.
securityshards.wordpress.com/2018/10/02/cve-2018-17562-faxfinder-5-0-5-8-sqlite-inejection-vulnerability/