CVE-2022-1531
SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in rtxteam/rtx
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 10EPSS 3.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
29 Apr 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execution and thus complete server takeover.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
rtxteam · rtxteam/rtxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →