RouterCVE

CVE-2011-1653

NONE
CVSS v3
10.0CVSS v2
75.33% EPSS (exploit probability)
CWE-89CWE

Description

Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the (1) UnAssignFunctionalRoles, (2) UnassignAdminRoles, (3) DeleteFilter, (4) NonAssignedUserList, (5) DeleteReportLayout, (6) DeleteReports, and (7) RegenerateReport stored procedures.

Affected routers (1)

VendorModelMatched viaAffected versionsFixed inPatch?
Ubiquiti Ubiquiti EdgeRouter 4 No

External references