CVE-2024-8705 | Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System 5.6.2 /DataSrvs/UCCGSrv.asmx GetDataKindByType sql injection

Posted by Angelo Barbosa | Sep 11, 2024 | CVE

A vulnerability was found in Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System 5.6.2 and classified as critical. Affected by this issue is the function GetDataKindByType of the file /DataSrvs/UCCGSrv.asmx. The manipulation leads to sql injection.

This vulnerability is handled as CVE-2024-8705. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-8705 | Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System 5.6.2 /DataSrvs/UCCGSrv.asmx GetDataKindByType sql injection

Related Posts

CVE-2023-45083 | SoftIron HyperCloud up to 2.0 privileges management

CVE-2017-20189 | Clojure up to 1.8.x deserialization

CVE-2024-0997 | Totolink N200RE 9.3.5u.6139_B20201216 /cgi-bin/cstecgi.cgi setOpModeCfg pppoeUser stack-based overflow

CVE-2024-24303 | HiPresta Gift Wrapping Pro Module up to 1.4.0 on PrestaShop addGiftWrappingCartValue sql injection