CVE-2024-55159

GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the SortName parameter at /system/loginLog/list...

CVE-2024-55159

GFast v2–v3.2 contains a SQL injection vulnerability in the SortName parameter exposed at /system/loginLog/list. Affected versions are 2 through 3.2. The issue is evidenced in multiple sources (e.g., PT-2025-7444) with a recommended workaround: restrict access to the /system/loginLog/list endpoin...