VYPR

Network Olympus

by Network Olympus

CVEs (1)

  • CVE-2022-25225Mar 8, 2022
    risk 0.00cvss epss 0.03

    Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api/eventinstance' via the 'sqlparameter' JSON parameter. It is also possible to achieve remote code execution in the default installation (PostgreSQL) by exploiting this issue.