Unrated severityNVD Advisory· Published May 4, 2023· Updated Nov 22, 2024
Caton CTP Relay Server API login sql injection
CVE-2023-2519
Description
A vulnerability has been found in Caton CTP Relay Server 1.2.9 and classified as critical. This vulnerability affects unknown code of the file /server/api/v1/login of the component API. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. VDB-228010 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Affected products
2- Range: =1.2.9
- Caton/CTP Relay Serverv5Range: 1.2.9
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.