Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api/eventinstance' via the 'sqlparameter' JSON parameter. It is also possible to achieve remote code execution in the default installation (PostgreSQL) by exploiting this issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Network Olympus SQL注入漏洞
Vulnerability Description
Network Olympus是Softinventive Lab的企业网络进行无代理监控。监控网络计算机和设备的性能和正常运行时间,观察各个服务和协议,并在任何性能指标超出预定义水平时收到警报。 Network Olympus 1.8.0版本 存在安全漏洞,该漏洞允许攻击者通过“sqlparameter”JSON 参数在“/api/eventinstance”中注入 SQL 查询,还可以在默认安装(PostgreSQL)中实现远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A