Critical severity9.1NVD Advisory· Published Oct 2, 2020· Updated Jun 17, 2026
CVE-2020-26525
CVE-2020-26525
Description
Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter. This allows forcing the database and server to initiate remote connections to third party DNS servers.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Damstra/Smart Assetdescription
- Range: 2020.7
Patches
Vulnerability mechanics
References
3- github.com/lukaszstu/SmartAsset-SQLinj-CVE-2020-26525/blob/main/README.mdnvdThird Party Advisory
- support.damstratechnology.com/hc/en-us/categories/900000115446-SmartAsset-Damstra-Asset-Management-PlatformnvdVendor Advisory
- www.smartasset.com.aunvdProductVendor Advisory
News mentions
0No linked articles in our index yet.