Unrated severityNVD Advisory· Published Oct 13, 2023· Updated Sep 16, 2024

SQL injection vulnerability in Farmbot-Web-App

CVE-2023-45674

Description

Farmbot-Web-App is a web control interface for the Farmbot farm automation platform. An SQL injection vulnerability was found in FarmBot's web app that allows authenticated attackers to extract arbitrary data from its database (including the user table). This issue may lead to Information Disclosure. This issue has been patched in version 15.8.4. Users are advised to upgrade. There are no known workarounds for this issue.

Affected products

Farm Fe/Farmbot Web Appv5
Range: < 15.8.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/FarmBot/Farmbot-Web-App/security/advisories/GHSA-pgq5-ff74-g7xqmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000