Unrated severityNVD Advisory· Published Nov 26, 2014· Updated May 6, 2026

CVE-2014-9095

Description

Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to license/records.

Affected products

Raritan/Power Iq2 versions
cpe:2.3:a:raritan:power_iq:4.1.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:raritan:power_iq:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:raritan:power_iq:4.2.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/127525/Raritan-PowerIQ-Unauthenticated-SQL-Injection.htmlnvdExploit
seclists.org/fulldisclosure/2014/Jul/79nvdExploit
secunia.com/advisories/60138nvd
www.securityfocus.com/bid/68722nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000