CVE-2024-1301: Multiple Vulnerabilities in Badger Meter's Monitool

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-1301

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Multiple Vulnerabilities in Badger Meter's Monitool

Source: NVD (National Vulnerability Database)

Vulnerability Description

SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote attacker could send a specially crafted SQL query to the server via the j_username parameter and retrieve the information stored in the database.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

SQL命令中使用的特殊元素转义处理不恰当(SQL注入)

Source: NVD (National Vulnerability Database)

Vulnerability Title

s::can moni::tools SQL注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

s::can moni::tools是s::can公司的一个管理几乎无限数量的站点、在线探头、分析仪和参数的平台。 s::can moni::tools 4.6.3 版本存在SQL注入漏洞，该漏洞源于可以通过 j_username 参数向服务器发送特制的 SQL 查询，并检索数据库中存储的信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Badger Meter	Monitool	4.6.3	-

II. Public POCs for CVE-2024-1301

#	POC Description	Source Link	Shenlong Link
1	POC Badgermeter moni tool - CVE-2024-1301	https://github.com/guillermogm4/CVE-2024-1301---Badgermeter-moni-tool-SQL-Injection	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-1301

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: Monitool

Same vendor: Badger Meter

Same weakness: CWE-89

V. Comments for CVE-2024-1301

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2024-1301

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-1301

III. Intelligence Information for CVE-2024-1301

IV. Related Vulnerabilities

V. Comments for CVE-2024-1301

Leave a comment