CVE-2024-7201

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 29, 2024
CWE ID 89

Summary

CVE-2024-7201 is a vulnerability affecting the login functionality of WinMatrix3 Web package from Simopro Technology. This issue permits unauthenticated remote attackers to inject SQL commands due to insufficient user input validation. Successful exploitation allows attackers to read, modify, and delete database contents. This vulnerability poses a serious threat to data confidentiality and integrity, and immediate remediation is required to prevent potential attacks. Users are advised to update their WinMatrix3 Web package to the latest version, which reportedly addresses this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share