Vulnerability CVE-2024-8329


Published: 2024-08-30

Description:
6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL command to read, modify, and delete database contents.

Type:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

 References:
https://www.twcert.org.tw/tw/cp-132-8030-e2eac-1.html
https://www.twcert.org.tw/en/cp-139-8034-657b7-2.html

Copyright 2026, cxsecurity.com

 

Back to Top