Lucene search
HistorySep 25, 2024 - 1:15 a.m.
CVE-2024-8877
cve-2024-8877
riello netman 204
sql injection
sqlite
netman 204: through 4.05
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.6%
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05.
Affected configurations
Node
riello-upsnetman_204_firmwareRange≤4.05
riello-upsnetman_204Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| riello-ups | netman_204_firmware | * | cpe:2.3:o:riello-ups:netman_204_firmware:*:*:*:*:*:*:*:* |
| riello-ups | netman_204 | - | cpe:2.3:h:riello-ups:netman_204:-:*:*:*:*:*:*:* |
Related
vulnrichment
vulnrichment
CVE-2024-8877 SQL Injection
2024-09-24 15:19:31
cvelist
cvelist
CVE-2024-8877 SQL Injection
2024-09-24 15:19:31
cve
cve
CVE-2024-8877
2024-09-25 01:15:47
packetstorm
packetstorm
Netman 204 4.05 SQL Injection / Unauthenticated Password Reset
2024-09-24 00:00:00
thn
thn
Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks
2024-09-30 11:55:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.6%
Related for NVD:CVE-2024-8877