Lucene search
China National Vulnerability DatabaseCNVD-2021-93824HistoryNov 25, 2021 - 12:00 a.m.
Advantech R-SeeNet SQL Injection Vulnerability (CNVD-2021-93824)
2021-11-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
advantech r-seenet
sql injection
user-supplied data
name_filter" parameter
arbitrary sql queries
database
snmp protocol
windows platform
linux platform
cnvd-2021-93824
EPSS
0.001
Percentile
46.5%
Advantech R-SeeNet is an industrial monitoring software from Advantech, Taiwan, China. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.Advantech R-SeeNet is vulnerable to a SQL injection vulnerability due to insufficient cleaning of user-supplied data in the “name_filter” parameter on the “user_list” page. An attacker can use this vulnerability to execute arbitrary SQL queries in the database.
Related
nvd
nvd
CVE-2021-21921
2021-12-22 19:15:10
cve
cve
CVE-2021-21921
2021-12-22 19:15:10
prion
prion
Cross site request forgery (csrf)
2021-12-22 19:15:00
cvelist
cvelist
CVE-2021-21921
2021-12-22 18:07:00
talos
talos
ics
ics
Advantech R-SeeNet
2021-12-14 12:00:00