CVE-2024-9921

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 14, 2024
Updated: Oct 15, 2024
CWE ID 89

Summary

CVE-2024-9921 is a critical vulnerability affecting the Team+ product from TEAMPLUS TECHNOLOGY, specifically the zds30i model. The flaw arises from improper validation of page parameters, enabling unauthenticated remote attackers to execute arbitrary SQL commands that can compromise database integrity by allowing unauthorized access to read, modify, or delete data. The vulnerability has a CVSS base score of 9.8, indicating severe potential impacts on confidentiality, integrity, and availability. Organizations are advised to remediate this issue promptly to mitigate risks by applying patches or updates provided by TEAMPLUS TECHNOLOGY. Failure to address this vulnerability could lead to significant data breaches and loss of sensitive information.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share