CVE-2021-3854

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Glox Technology Useroam Hotspot allows SQL Injection. This issue affects Useroam Hotspot: before 5.1.0.15.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.usom.gov.tr/bildirim/tr-23-0120	Third Party Advisory
https://www.usom.gov.tr/bildirim/tr-23-0120	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:glox:useroam_hotspot:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:22

Type	Values Removed	Values Added
References	~~() https://www.usom.gov.tr/bildirim/tr-23-0120 - Third Party Advisory~~	() https://www.usom.gov.tr/bildirim/tr-23-0120 - Third Party Advisory

07 Nov 2023, 03:38

Type	Values Removed	Values Added
Summary	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Glox Technology Useroam Hotspot allows SQL Injection. This issue affects Useroam Hotspot: before 5.1.0.15.	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Glox Technology Useroam Hotspot allows SQL Injection. This issue affects Useroam Hotspot: before 5.1.0.15.

Information

Published : 2023-03-02 12:15

Updated : 2024-11-21 06:22

NVD link : CVE-2021-3854

Mitre link : CVE-2021-3854

CVE.ORG link : CVE-2021-3854

JSON object : View

Products Affected

glox

useroam_hotspot

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

9.8 /10