Arbitrary Code Execution Via ID Parameter of Data.jsp Page
CVE-2024-42885

Currently unrated

Key Information:

Vendor

ESAFENET

Vendor
CVE Published:
5 September 2024

What is CVE-2024-42885?

SQL Injection vulnerability in ESAFENET CDG 5.6 and before allows an attacker to execute arbitrary code via the id parameter of the data.jsp page.

References

https://supervisor0.notion.site/ESAFENET-CDG-SQL-Injectio...

Timeline

  • Vulnerability published

.