CVE-2020-3936

UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers can inject arbitrary SQL command.
References
Link Resource
https://www.twcert.org.tw/tw/cp-132-3451-7d9f0-1.html Third Party Advisory
Configurations

Configuration 1


Information

Published : 2020-03-27 04:15

Updated : 2020-03-31 03:02


NVD link : CVE-2020-3936

Mitre link : CVE-2020-3936

Products Affected
No products.
CWE