Unrated severityNVD Advisory· Published Oct 22, 2021· Updated Sep 16, 2024
AUVESY Versiondog
CVE-2021-38481
Description
The scheduler service running on a specific TCP port enables the user to start and stop jobs. There is no sanitation of the supplied JOB ID provided to the function. An attacker may send a malicious payload that can enable the user to execute another SQL expression by sending a specific string.
Affected products
1- Range: All
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- us-cert.cisa.gov/ics/advisories/icsa-21-292-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.