2 matches found
CVE-2020-6880
A ZXELINK wireless controller has a SQL injection vulnerability. A remote attacker does not need to log in. By sending malicious SQL statements, because the device does not properly filter parameters, successful use can obtain management rights. This affects: ZXV10 W908 all versions before...
CVE-2020-6880
The CVE-2020-6880 issue affects ZXELINK ZXV10 W908 wireless controller devices, where an SQL injection flaw stems from improper parameter filtering. A remote attacker can send crafted SQL statements without authentication and escalate to administrative rights. Affected versions are prior to ZXELI...