A vulnerability was found in Wavelog 1.8.5. It has been declared as critical. Affected by this vulnerability is the function
get_worked_modes
of the file Oqrs_model.php. The manipulation of the argument station_id leads to sql injection.
This vulnerability is known as CVE-2024-48257. The attack can only be done within the local network. There is no exploit available.