Authenticated SQL Injection in AudioCodes Device Manager Express
CVE-2022-24628 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is authenticated SQL injection in the id parameter of IPPhoneFirmwareEdit.php.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.