TROYANOSYVIRUS
Retour aux CVEs

CVE-2024-25833

CRITICAL
9.8

Description

F-logic DataCube3 v1.0 is vulnerable to unauthenticated SQL injection, which could allow an unauthenticated malicious actor to execute arbitrary SQL queries in database.

Details CVE

Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie2/29/2024
Derniere modification1/16/2025
Sourcenvd
Observations honeypot0

Produits affectes

f-logic:datacube3

Faiblesses (CWE)

CWE-89CWE-89

References

https://neroteam.com/blog/f-logic-datacube3-vulnerability-report(cve@mitre.org)
https://neroteam.com/blog/f-logic-datacube3-vulnerability-report(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.