Lucene search
K

4 matches found

Check Point Advisories
Check Point Advisories
added 2022/06/07 12:0 a.m.5 views

ConnectWise ManagedITSync SQL Injection (CVE-2017-18362)

An SQL injection vulnerability exists in ConnectWise ManagedITSync. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.4AI score0.86706EPSS
Exploits1
Circl
Circl
added 2019/02/05 12:26 p.m.10 views

CVE-2017-18362

creationtimestamp| type| source ---|---|--- 2019-02-05 12:26:15+00:00| exploited| https://t.me/cibsecurity/2385 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-12-24 20:31:21+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/2971576 2025-02-23 02:10:15+00:00...

9.8CVSS7.3AI score0.86706EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2019/02/05 5:0 a.m.6 views

CVE-2017-18362

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all...

9.9AI score0.86706EPSS
Exploits1References3
CVE
CVE
added 2019/02/05 5:0 a.m.984 views

CVE-2017-18362

Summary: CVE-2017-18362 affects Kaseya VSA via ConnectWise ManagedITSync. It allows unauthenticated remote commands to access and modify the Kaseya VSA database when ManagedIT.asmx is reachable through the web interface. The vulnerability has been actively exploited in the wild (February 2019) to...

9.8CVSS9.8AI score0.86706EPSS
In wildExploits1References4Affected Software1
Rows per page
Query Builder