VYPR

DIAEnergie

by Cisagov

CVEs (1)

  • CVE-2022-40967HigOct 27, 2022
    risk 0.58cvss 8.8epss 0.08

    The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckIoTHubNameExisted. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries.