The ZEROF Expert pro/2.0 application for mobile devices allows SQL Injection via the Authorization header to the /v2/devices/add endpoint.
References
Link | Resource |
---|---|
https://github.com/awillix/research/blob/main/cve/CVE-2021-30176.md | Third Party Advisory |
https://pro.zerof.ru | Product |
Configurations
History
No history.
Information
Published : 2021-04-13 14:15
Updated : 2024-02-28 18:28
NVD link : CVE-2021-30176
Mitre link : CVE-2021-30176
CVE.ORG link : CVE-2021-30176
JSON object : View
Products Affected
zerof
- expert
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')