First published: Tue Nov 08 2022(Updated: )
There is a SQL injection vulnerability in ZTE ZAIP-AIE. Due to lack of input verification by the server, an attacker could trigger an attack by building malicious requests. Exploitation of this vulnerability could cause the leakage of the current table content.
Credit: psirt@zte.com.cn
Affected Software | Affected Version | How to fix |
---|---|---|
ZTE ZAIP-AIE | <8.22.02 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for the SQL injection vulnerability in ZTE ZAIP-AIE is CVE-2022-39069.
The severity of CVE-2022-39069 is medium.
The SQL injection vulnerability in ZTE ZAIP-AIE occurs due to lack of input verification by the server.
Exploitation of CVE-2022-39069 could cause the leakage of the current table content.
To mitigate the SQL injection vulnerability in ZTE ZAIP-AIE, ensure that input verification is implemented on the server side.