Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Recording.CountByCategory webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to inject SQL commands via unspecified vectors.
References
Configurations
No configuration.
History
28 Mar 2024, 07:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-28 07:16
Updated : 2024-03-28 12:42
NVD link : CVE-2024-29239
Mitre link : CVE-2024-29239
CVE.ORG link : CVE-2024-29239
JSON object : View
Products Affected
No product.
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')