Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Group.Save webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to inject SQL commands via unspecified vectors.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: synology
Published: 2024-03-28T06:26:12.750Z
Updated: 2024-08-02T01:10:54.645Z
Reserved: 2024-03-19T06:14:19.314Z
Link: CVE-2024-29234
Vulnrichment
Updated: 2024-08-02T01:10:54.645Z
NVD
Status : Awaiting Analysis
Published: 2024-03-28T07:16:06.830
Modified: 2024-03-28T12:42:56.150
Link: CVE-2024-29234
Redhat
No data.