Critical SQL Injection Vulnerability in Ericsson-LG iPECS NMS A.1Ac Login Portal

Critical SQL Injection Vulnerability in Ericsson-LG iPECS NMS A.1Ac Login Portal

CVE-2018-9245 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.