Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authenticated SQL injection in API - Digi On-Prem Manager
Vulnerability Description
An injection vulnerability has been discovered in the API feature in Digi On-Prem Manager, enabling an attacker with valid API tokens to inject SQL via crafted input. The API is not enabled by default, and a valid API token is required to perform the attack.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Nettec AS Digi On-Prem Manager 安全漏洞
Vulnerability Description
Nettec AS Digi On-Prem Manager是挪威Nettec AS公司的一个设备管理平台。 Nettec AS Digi On-Prem Manager存在安全漏洞,该漏洞源于API功能存在SQL注入漏洞,可能导致SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A