header-logo
Suggest Exploit
vendor:
Cyberoam UTM
by:
Unknown
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Cyberoam UTM
Affected Version From: Not available
Affected Version To: Not available
Patch Exists: NO
Related CWE: Not available
CPE: Not available
Metasploit:
Other Scripts:
Platforms Tested: Not available
2012

SQL Injection vulnerability in Cyberoam UTM

The Cyberoam UTM is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Mitigation:

To mitigate this vulnerability, it is recommended to apply the necessary security patches or updates provided by the vendor. Additionally, input validation and proper sanitization of user-supplied data should be implemented in the application.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/51143/info

Cyberoam UTM is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 

http://www.example.com/corporate/Controller?mode=301&tableid=[SQL]&sort=&dir=

Navigation

Suggest Exploit

Services By CQR