SQL Injection Vulnerability in SG UTM User Portal (Version 9.708 MR8) Allows Code Execution

SQL Injection Vulnerability in SG UTM User Portal (Version 9.708 MR8) Allows Code Execution

CVE-2021-36807 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.