CVE-2023-4675
CVSS 3.1 Score 5.9 of 10 (medium)
Details
Summary
CVE-2023-4675 is a newly disclosed SQL Injection vulnerability affecting GM Information Technologies MDO software. An attacker can exploit this issue by improperly neutralizing special elements in SQL commands, allowing them to inject malicious code and potentially gain unauthorized access to sensitive data. This vulnerability, which goes unfixed through December 2023, poses a significant risk to organizations using the affected software. Despite early disclosure to the vendor, no response has been received, increasing the urgency for affected users to take protective measures.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Frrouting