ConnectWise ManagedITSync SQL Injection (CVE-2017-18362)

An SQL injection vulnerability exists in ConnectWise ManagedITSync. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

VulnCheck KEV: CVE-2017-18362

ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database...

Sql injection

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all...

CVE-2017-18362

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all...