SQL injection vulnerability in Emerson AMS Device Manager before 13 allows remote authenticated users to gain privileges via malformed input.
7.7AI Score
0.001EPSS
Emerson AMS Device Manager v12.0 to v13.5. A specially crafted script may be run that allows arbitrary remote code execution.
9.8CVSS
9.6AI Score
0.007EPSS
Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users are able to change executable and library files on the affected products.
6.5CVSS
6.4AI Score
0.001EPSS