Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
COMMAX Smart Home IoT Control System SQL Injection Authentication Bypass
Vulnerability Description
COMMAX Smart Home System CDP-1020n contains an SQL injection vulnerability that allows attackers to bypass authentication by injecting arbitrary SQL code through the 'id' parameter in 'loginstart.asp'. Attackers can exploit this by sending a POST request with malicious 'id' values to manipulate database queries and gain unauthorized access.
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
COMMAX Smart Home System SQL注入漏洞
Vulnerability Description
COMMAX Smart Home System是韩国COMMAX公司的一个智能家居系统。 COMMAX Smart Home System存在SQL注入漏洞,该漏洞源于loginstart.asp中id参数存在SQL注入问题,可能导致认证绕过。
CVSS Information
N/A
Vulnerability Type
N/A