Vulnerabilities

CVE-2020-26525

by Fred · 02/10/2020

Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter. This allows forcing the database and server to initiate remote connections to third party DNS servers.

Date published : 2020-10-02

https://github.com/lukaszstu/SmartAsset-SQLinj-CVE-2020-26525/blob/main/README.md

https://support.damstratechnology.com/hc/en-us/categories/900000115446-SmartAsset-Damstra-Asset-Management-Platform

Similar

Tags: Cybersecurity Alert