The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckIoTHubNameExisted. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2022-10-27T20:15:38.073089Z

Updated: 2024-09-16T18:03:59.370Z

Reserved: 2022-09-29T00:00:00

Link: CVE-2022-40967

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-10-27T21:15:14.650

Modified: 2024-11-21T07:22:19.503

Link: CVE-2022-40967

cve-icon Redhat

No data.