CVE-2022-39069: SQL Injection
First published: Tue Nov 08 2022(Updated: )
There is a SQL injection vulnerability in ZTE ZAIP-AIE. Due to lack of input verification by the server, an attacker could trigger an attack by building malicious requests. Exploitation of this vulnerability could cause the leakage of the current table content.
Credit: psirt@zte.com.cn
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ZTE ZAIP-AIE | <8.22.02 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for the SQL injection vulnerability in ZTE ZAIP-AIE?
The vulnerability ID for the SQL injection vulnerability in ZTE ZAIP-AIE is CVE-2022-39069.
What is the severity of CVE-2022-39069?
The severity of CVE-2022-39069 is medium.
How does the SQL injection vulnerability in ZTE ZAIP-AIE occur?
The SQL injection vulnerability in ZTE ZAIP-AIE occurs due to lack of input verification by the server.
What is the potential impact of exploiting CVE-2022-39069?
Exploitation of CVE-2022-39069 could cause the leakage of the current table content.
How can I mitigate the SQL injection vulnerability in ZTE ZAIP-AIE?
To mitigate the SQL injection vulnerability in ZTE ZAIP-AIE, ensure that input verification is implemented on the server side.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/description
- agent/event
- agent/tags
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/zte
- canonical/zte zaip-aie